Microsoft today released its usual monthly “Black Tuesday: set of security updates. According to the Security Bulletin, there are three updates for components of Microsoft Windows, all rated Critical, and one update for the Publisher component of Microsoft Office, rated Important. The final two updates, both rated Important, are for Microsoft’s ISA server, and for its Virtual PC / Virtual server products. The three Windows vulnerabilities apply to all supported versions of WIndows.
The Security Bulletin, mentioned earlier, has links to download the fixes, in the section “Affected Software and Download Locations”. These fixes should also be made available via the normal Windows Update mechanism.
Since the Windows vulnerabilities are rated Critical, and since at least one of them is being actively exploited, I recommend installing the fixes as soon as possible.
The SANS Institute has their usual monthly overview of the updates.