Microsoft posted a new security update yesterday as part of its monthly patch cycle, fixing a total of eight security flaws in four bulletins. At the top of the patch list is Internet Explorer, which is receiving an update rated as critical by the company, designed to close a pair of vulnerabilities related to memory corruption problems that could be exploited to allow for remote code execution.

Another two critical vulnerabilities were addressed in Microsoft Exchange, closing potential remote code execution and denial of service problems, while the remaining updates rated as important fix a privately reported vulnerability in SQL Server database software and three privately reported flaws in Microsoft Office Visio. As usual, Windows users can obtain the monthly patch through the automatic update feature or from Microsoft's website.