Windows OS and the Office Suite were the stars of Microsoft's Patch Tuesday program in August. The US software giant released 12 security bulletins addressing a total of 23 vulnerabilities spread about the two products. The Redmond Company deemed nine of the security updates as critical in conformation with its ranking systems, with the remaining three considered important.

The critical vulnerabilities reside in the Server Service(921883); in the DNS Resolution(920683), Cumulative Security Update for Internet Explorer (918899); in Microsoft Windows(920214); Microsoft Management Console(917008); in HTML Help(922616); in Microsoft Visual Basic for Applications(921645); in Microsoft Office(922968); Windows Kernel(917422). Microsoft described all the critical security flaws as permitting remote code executions. There vulnerabilities ranked as important in Windows Explorer, Microsoft Windows Hyperlink Object Library and Windows Kernel open the way for remote code execution and for elevation of privileges.

Microsoft also enumerates the specific affected products and the list comprises Windows software, from Windows Server 2003 to Windows XP Professional x64 Edition and Internet Explorer Outlook Express and Office and Works.

"Today, Microsoft patched 23 vulnerabilities, the highest number since their monthly patch program started," Monty Ijzerman, stated Avert Labs, senior manager at McAfee's. "Of those flaws, 11 were publicly known or exploited before Microsoft provided fixes."

All the security updates are available to Microsoft customers running genuine copies of Windows, confirmed as such by the Windows Genuine Advantage tool.