As it was expected, Microsoft launched yesterday the nine security updates announced for this month.

Three of them were rated as being “critical”, which means that they fix vulnerabilities considered extremely dangerous.

Two of these updates are related to Internet Explorer and Microsoft DirectShow, while the third, which is detailed in the Microsoft Security Bulletin MS05-051, deals with the COM+ services included in Microsoft Distributed Transaction Coordinator (MSDTC), a component used by database software applications.

According to the estimations made by security experts, it took Microsoft 95 days to patch the Internet Explorer flaw which allowed hackers to launch an attack similar to the Sasser worm one. For the update which solved the Microsoft DirectShow problems, the company’s programmers needed 154 days.

Exploiting any of the three flaws would have allowed a hacker to remotely control the targeted computer.

Among the other updates, there is also a patch for a “moderate” Windows FTP Client vulnerability, one for the Network Connection Manager, another one, rated as “important” for the NetWare client service and one for the Windows Plug and Play system.