Three of the 12 bulletins covering the 22 vulnerabilities are critical, and include updates to address vulnerabilities in Internet Explorer CSS and Windows thumbnail preview.
Insecurity firm Qualys said it has seen limited exploits for these on the wild, so the update is highly recommended. Lower rated flaws that will be patched include ones in the FTP service, Windows, Office and Visual Studio.
The Internet Explorer CSS issue was first discovered in December of last year, and affected several different browser versions, including Microsoft's newest Internet Explorer 8. Attackers could catch a victim with a bug on a booby-trapped webpage and take over the PC, either sticking in a bit of malware or stealing confidential information.
It is too soon for the latest Windows Internet Explorer zero-day vulnerability to be fixed, with a workaround regarded as the best bet for securing against that for now.
The company said, "Microsoft is aware of published information and proof-of-concept code that attempts to exploit this vulnerability. At this time, Microsoft has not seen any indications of active exploitation of the vulnerability."
But of course, if Microsoft doesn't get a move on soon, that might change. µ
Is this a banana I see before me, etc
Bad news for developers, good news for SoundCloud
Windows 10 Pro users kicked in the craw again
It might feature a 3.5mm headphone jack, after all