There's a new patch for Internet Explorer that will fix a "critical" security hole in the Web browser. Microsoft also patched another "critical," but other fixes have only been deeded as "important."

Microsoft warned that "an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system." They even went ahead and informed Symantec Corp. to raise its ThreatCon to Level 2 in response to the release. Symantec Corp. also notified its customers of the DeepSight Threat Management System by e-mail Tuesday afternoon.

Oliver Friedrichs, a senior manager at Symantec Security Response, said in a statement, "These vulnerabilities are increasingly being used to facilitate online fraud through the installation of malicious software on vulnerable computers… Symantec has already seen exploits for some of these vulnerabilities in the wild and recommends that users apply the updates as quickly as possible."

The patch was released on Tuesday, December 13 in security bulletin MS05-054, as part of its monthly patching cycle. The update also plugs three other security holes in Internet Explorer, the Web browser component of Windows.

The browser security update will no longer allow you to run older versions of an ActiveX control released by the Sony record label. This patch was necessary since the one Sony released caused security problems of its own.