Microsoft fixes critical bugs in Explorer and Windows

The bugs could allow hackers to remote-access users' machines if left unpatched

Microsoft has released a series of patches designed to fix critical security flaws in its Internet Explorer and Windows platforms, amongst others.

In the software giant's February patch release, part of its reglar monthly patch cycle, it fixes critical bugs in the Windows, Internet Explorer, .NET Framework and Silverlight programs that could permit remote code execution.

There are also updates for its Sharepoint and Office suites of applications.

Microsoft lists two of the updates as being critical. One is known as MS12-010 - Cumulative Security Update for Internet Explorer.

This update resolves four vulnerabilities in Internet Explorer. These could allow remote code execution if the user employs the browser to view an infected web page.

A hacker who attempts to exploit these vulnerabilities could gain the same level of access to the machine as the user.

The second critical update is MS12-013. It patches C Runtime Library, which provides programming routines for Windows.

The vulnerabilities discovered in this service could also leave a computer open to remote code execution if left unpatched.

"This bulletin addresses an issue that could arise if a would-be attacker sent a malicious media file to a targeted user, or convinced the user to visit a web page hosting such a file," said Microsoft's Angela Gunn, of the firm's security group Trustworthy Computing.

Microsoft recommends that its customers deploy the patches as soon as possible.