As part of its monthly security update cycle, Microsoft on Tuesday released a dozen security bulletins. Nine of them are tagged critical, the company's highest severity rating. The alerts give details of 20 flaws in Windows and three in Office, all of which Microsoft has now fixed.
"Today, Microsoft patched 23 vulnerabilities, the highest number since their monthly patch program started," Monty Ijzerman, a senior manager at McAfee's Avert Labs, said in a statement. Of those flaws, 11 were publicly known or exploited before Microsoft provided fixes, he said.
"We recommend that customers apply the update immediately." The bulk of the problems addressed by the August patches could be used for attacks via the Web or e-mail. They include security holes in the Internet Explorer Web browser, the Outlook Express e-mail client, and other Windows and Office components.