Microsoft today issued nine security bulletins - its second-largest set of updates this year - patching 14 security holes in computers powered by different versions of its Windows operating system and other software. Six of these updates are rated critical by Microsoft, and could allow an attacker to remotely take control of a target system. The other three updates are rated important.

Windows 2000 and Windows XP respectively received 4 and 5 of the critical bulletins, while Windows Vista was the recipient of 2 critical bulletins. The two critical vulnerabilities affecting Vista lie within the XML Core Services component and Internet Explorer 7. Other bulletins address vulnerabilities in Internet Explorer 6, Microsoft Office, Virtual PC, Virtual Server, and Visual Basic. You can read the executive summary on each of the bulletins on Microsoft's website.

The patches can be downloaded directly from Microsoft's website, or through the Windows Update feature inside the operating system. As part of the patch rollout, the company is also releasing an updated version of the Malicious Software Removal Tool which you can get from our download section.