Time to fire up Internet Explorer and head to Windows Update and get your systems spackled:
The software updates include fixes for previously unknown holes in Windows, including critical holes in the Windows Task Manager and HTML (Hypertext Markup Language) help features. The company also published a patch for a recent, publicly disclosed hole in the Windows Shell application programming interface (Shell API) and fixed a hole in older versions of the Internet Information Services (IIS) Web server that one expert said is well-suited for use in an Internet worm.
The seven updates, named MS04-018 through MS04-024, were released in accordance with the company’s monthly patching schedule. At the top of the list were two patches, MS04-022 and MS04-023, that Microsoft said were “critical” and could allow remote attackers to run malicious code on affected Windows systems, according to the Microsoft Web page. (See: http://www.microsoft.com/technet/security/current.aspx.)
Read the full Infoworld article if you want details on what the vulnerabilities are and what they might allow, but suffice it to say that it’s worth your time to make sure these get installed on your system. Who knows? They might actually fix the problems they’re supposed to.