Microsoft issues fixes for critical security holes in its software

Microsoft has described the vulnerabilities as critical.

As part of its monthly patch distribution, Microsoft has issued a series of new security updates, two of which are categorized as critical. The vulnerabilities, if left unpatched, allow hackers to run malicious code on unprotected computers. This month's security updates affect Microsoft Windows, Windows Media Player, Microsoft Office, and Internet Explorer.

"It is essential that computers are protected from unauthorized access by remote hackers," said Ron O'Brien, senior security analyst at Sophos. "All computer users need to patch against these flaws in Microsoft's software as quickly as possible, before hackers and virus writers try and take advantage of them."

• Read more about the security vulnerabilities now, and protect your computers

Home users of Microsoft Windows can visit update.microsoft.com to have their systems scanned for critical Microsoft security vulnerabilities.

Sophos suggests that every IT manager responsible for security should consider subscribing to vulnerability mailing lists such as that operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.mspx.

Sophos continues to recommend companies protect their desktops and servers with automatically updated anti-virus protection.