Microsoft today (July 12) issued four patches for 22 security vulnerabilities in its popular software, including Windows and Office.
Three of the patches for Microsoft Windows are labeled "important" and one "critical." The latter means an attacker could remotely execute malicious code or gain unauthorized levels of control over infected Windows systems.
Programs covered by the "important" patches include Microsoft Office and Microsoft Visio 2003 Service Pack 3, Microsoft wrote on its TechNet blog.
The sole "critical" patch included in this month's update fixes a serious hole in the way Vista and Windows 7 handle Bluetooth communications. (Windows XP is not affected.)
"This one's sexy," Marcus Carey, a security researcher with Boston's Rapid7, told CSO Online. "It's classical spy kind of stuff, being able to access [a PC] using Bluetooth when [the victim] doesn't even know you're there."
The fixes, part of the software giant's monthly Patch Tuesday, were released midday today. To download them, visit Microsoft's Download Center on its website — but you really should have Automatic Updates turned on.