Microsoft has released three critical security patches, including fixes for flaws in Internet Explorer leaving users open to attack, in its latest Patch Tuesday update.
The Internet Explorer update is listed as 'critical' as it could be used to remotely execute code on a victim's system.
"This security update resolves one publicly disclosed and 40 privately reported vulnerabilities in Internet Explorer," read Microsoft's advisory.
"The most severe of these could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
"An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user."
The remaining 'critical' fixes relate to flaws in Microsoft's Windows Kernel-Mode Driver and Group Policy, some of which can also be remotely exploited.
"The most severe of the [kernel] vulnerabilities could allow remote code execution if an attacker convinces a user to open a specially crafted document or visit an untrusted website that contains embedded TrueType fonts," read the advisory.
"The [Group Policy] vulnerability could allow remote code execution if an attacker convinces a user with a domain-configured system to connect to an attacker-controlled network."
The February Patch Tuesday also included 'important' fixes for Windows, Office, Group Policy and Microsoft's Virtual Machine Manager.
These flaws could potentially be exploited for a variety of purposes, including elevation of privileges, information disclosure and security bypasses.
Ross Barrett, senior manager of security engineering at Rapid7, highlighted the Virtual Machine Manager update as the most interesting of the 'important' fixes.
"Hypervisor and virtual machine management applications are often overlooked in routine patching and can be a challenge for administrators to locate on their network," he said.
"Those going to patch may find the system requires an update rollup or other patches prior to this patch being offered, which could hide a vulnerable state."
Internet Explorer has been a constant source of security problems over the past year. Researcher David Leo uncovered a new Internet Explorer zero-day vulnerability affecting Windows 7 and Windows 8.1 earlier in February.
Microsoft issued 200 updates in 2014 fixing a multitude of bugs in the ageing browser.
British Airways blames 'global systems outage' for IT meltdown
Mark Zuckerberg mercilessly trolled by Harvard student newspaper after return to university he dropped out of 12 years ago
'Unauthorised user' blamed by Harvard for insulting Mark Zoinkerberg
Android under attack from 'Judy', Google Play Store malware that has infected up to 36.5 million users
Yet more Android malware discovered on the Google Play Store
Airport believes new system will be more reliable than GPS or Google Maps