In the November Advanced Notification, Microsoft had announced a total of six security bulletins. Issued yesterday, the updates from the Redmond Company plugged a total of eight Windows-related product flaws, five of which received the maximum severity level from Microsoft.

The critical security updates are designed to patch vulnerabilities in Microsoft Agent, Macromedia Flash Player from Adobe, Workstation Service and Microsoft XML Core Services. Additionally, Microsoft released a Cumulative Security Update for Internet Explorer, also with a critical attack risk.

"With this month's release, Microsoft has changed the servicing model for Microsoft XML Core Services to include Windows Update in addition to Microsoft Update. Now, because this update is on Windows Update for distribution, we don't want customers to be confused and think this is a vulnerability in any version of Windows: the vulnerability is actually in Microsoft XML Core Services not in Windows. But we've gone ahead and put this update on Windows update to give the broadest possible coverage to protect customers for this issue and any possible future issues in Microsoft XML Core Services," explained operations manager Mike Reavey from the MSRC.

Starting this month, Microsoft XML Core Services customers can access updates via Windows Update, and Software Update Services (SUS) in addition to Microsoft Update, and Windows Software Update Services (WSUS).

One of the security bulletins issued by Microsoft patches vulnerabilities in Client Service for NetWare. The Redmond Company revealed that these flaws are newly discovered and had been privately reported, which is synonymous with the lack of exploits. The security bulletin updating Macromedia Flash Player from Adobe refers to Flash Player that shipped with Windows XP Service Pack 2 and Windows XP Professional x64 Edition.