Microsoft patches 20 security holes in February update

Redmond (WA) - Microsoft's monthly security update for February has gone live. Though it marks the first update since the consumer release of Windows Vista, none of the 20 fixes are for the new operating system.

In total, 12 patches are now available, some of which take care of multiple security problems, with five of the updates deemed as critical.

The most significant issue that is taken care of in the new update are holes that allow hackers to gain remote access to a computer. Microsoft Office, Microsoft Word, RichEdit, Microsoft MFc, OLE Dialog, and ActiveX, along with Internet Explorer and part of Microsoft's proprietary security engine are all patched in today's update.

Exploits in Office have been widely used over the past couple weeks, making some wonder in Microsoft would release an emergency patch instead of waiting until the scheduled February update.

Windows Shell and Windows Image Acquisition Service are also patched, as a fix to the vulnerability of allowing elevation of privelege. These problems are only reported at severity ratings of "important".

None of this month's updates apply to users with Windows Vista or Office 2007. All potential problems as a result of these holes will not affect the new OS or Office suite because of the increased security built into the software.