Microsoft updates February's security bulletins with Internet Explorer patch

Fixes included for IPv6, XML and VBScript

TODO alt text

Microsoft has updated February's security bulletins for its Windows and Office products.

Four of the bulletins are rated 'critical', the three others 'important'. Three of the critical bulletins, affecting Internet Explorer, Direct2D and VBScript, are advised by the company to be implemented immediately, as they fix remote code execution vulnerabilities.

Among the issues covered by the updated patches is the fixing of possible exploits in Internet Explorer and vulnerabilities in scripting engines across the entire range of Microsoft operating systems.

Additionally, the three important-rated bulletins cover vulnerabilities in IPv6, .NET Framework and XML services at the core of Microsoft Windows.

Hashed out

Two of the patches arrived recently, suggesting that issues were found in testing last minute by Microsoft engineers.

This fact is compounded due to one of the two bulletins concerning Internet Explorer. The browser, before its conspicuous absence from February's first bulletins, had been updated monthly for over a year.

A total of seven bulletins have been released so far in February, targeting client and server versions of Microsoft Windows, Internet Explorer, Microsoft Security Software and the Microsoft .Net Framework.

Microsoft has also issued an update that deprecated the use of MD5 hash algorithms, which are now restricted in the root certificate program.