Galaxy Watch 5 Review Specialty Foods Online 'She-Hulk' Review Disney Streaming Price Hike Raspberry Girl Scout Cookie $60 Off Lenovo Chromebook 3 Fantasy Movies on HBO Max Frontier Internet Review
Want CNET to notify you of price drops and the latest stories?
No, thank you

Three critical Microsoft security patches released

Three critical Microsoft security patches released

Microsoft has released its April 2006 security bulletin, which includes five updates: three critical, one important, and one moderate. All versions of Windows are affected by the vulnerabilities addressed in the three critical bulletins. This monthly update covers Windows updates, but two of the updates are specific to Microsoft Office, neither considered by Microsoft to be critical. All of the patches are available via Microsoft Update or via the individual bulletins detailed below. Also see Critical megapatch sews up 10 holes in IE on for more infromation.

MS06-013: Critical

Entitled "Cumulative Security Update for Internet Explorer," this security bulletin addresses 10 of the most recent high-profile vulnerabilities affecting the browser, including the CreateTextRange flaw, which is known to have been exploited and used against unpatched systems.

MS06-014: Critical

Entitled "Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution," this security bulletin addresses vulnerabilities in this ActiveX control, and it affects all versions of Windows.

MS06-015: Critical

Entitled "Vulnerability in Windows Explorer Could Allow Remote Code Execution," this security bulletin addresses a vulnerability that could allow a remote attacker to take control of your PC through this popular file manager. The vulnerability affects all versions of Windows.

MS06-016: Important

Entitled "Cumulative Security Update for Outlook Express," this security bulletin addresses the way this e-mail client handles Windows Address Book files.

MS06-017: Moderate

Entitled "Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting," this security bulletin addresses a cross-site scripting flaw in FrontPage Web site building software and SharePoint collaboration software and affects only Microsoft FrontPage Server Extensions running on Server 2003, Windows 2000, and Windows XP. Microsoft FrontPage 2002 itself is not affected.