The August edition of Microsoft's monthly security bulletins includes six patches, three of which are critical (including a patch to IE), one important, and two moderate. The patches cover products such as Internet Explorer and Windows services such as Plug-n-Play, Telephony Application Programming Interface (TAPI), and Print Spooler Service. The patches are available via Microsoft Update and should be automatically downloaded to Windows XP SP2 users.
This cumulative update for Internet Explorer addresses several critical flaws related to IE, for example, how it handles JPEG images, how COM objects in ActiveX can be run within Internet Explorer, and how Internet Explorer security zones handle cross-site requests. In the most extreme case, a remote attacker could run malicious code on your PC through an IE exploit.
This patch addresses flaws in Windows Plug-n-Play that could allow a remote attacker to take complete control of your PC.
This flaw fixes the Telephony Application Programming Interface (TAPI). A known vulnerability could allow malicious code to run on your PC remotely.
This patch addresses a Remote Desktop Protocol (RDP) flaw that could allow an attack to crash your system remotely.
This patch addresses flaws in Kerberos (a communications protocol) that could allow for a denial-of-service attack.
This patch fixes a flaw in the Windows Print Spooler Service that could allow an attacker to run malicious code on your PC.