As the old adage goes, when it rains it pours, and Microsoft's scheduled monthly security patches are no different. On Tuesday, Microsoft released six security patches, three of which were rated critical, the company's highest designation. (Microsoft also re-released two security bulletins.) As usual, most of the patches involved bugs in the usual suspects, Windows and Internet Explorer (IE).
The most serious vulnerability, which could cause remote code execution, exists in Windows 2000 only, though a much less serious version also occurs in Windows XP. Other critical flaws that were patched Tuesday include a collection of IE vulnerabilities and a vulnerability in the Windows 2000 and Windows XP SP1 print spooler.
As always, Microsoft recommends that users upgrade to the latest Windows version--Windows XP with SP2 on the client and Windows Server 2003 with SP1 on the server--to achieve the most secure possible systems. The company also notes that customers should enable Automatic Updates (AU) to automatically receive critical security updates and visit Microsoft Update (http://update.microsoft.com) periodically to download and install other updates.
For more information about this month's security patches, please visit the Microsoft Security Web site.