If you have Automatic Updates enabled in Windows then you surely must have not missed this one - Microsoft making available 13 patches! Yes indeed, 13 security bulletins - nine "critical" - is its biggest monthly patch roll out yet. The patches address a number of issues with Windows and Windows-based applications, with one additional patch dealing with Exchange 2000 issues.

The most serious vulnerabilities involve security bugs in Windows licensing logging service (MS05-010), Windows Server Message Block (MS05-011) and multiple flaws in Internet Explorer (MS05-014) that might used by crackers to gain complete control over targeted systems. A flaw in the way Windows Media Player and MSN Messenger process PNG files (MS05-009) carries a similar critical risk as do a bug in an ActiveX control in Windows involved with DHTML Editing (MS05-013) and a vulnerable Hyperlink Object Library in Windows (MS05-015).

A bug in Windows OLE and COM middleware components affecting Exchange and Office could let hackers run hostile code on vulnerable systems (MS05-012). Last, but not least, on the critical list is a patch to fix flaws with Office XP (MS05-005).


You should download these updates now, to address a number of serious issues. One of which is the flaw in ASP.Net that could allow an attacker to gain unauthorized access to parts of a website. Another is a bug in Windows Shell Component that could allow an attacker to cause the affected system to stop responding. There is also a bug where Microsoft Sharepoint could allow cross-site scripting attacks. Given the vast, global nature of the hack attack problem with modern computers (even yours!) you should patch immediately if you can.