Microsoft corrected critical flaws in its Server Message Block (SMB), issued kill-bits to block browser components containing ActiveX flaws and addressed nearly two-dozen other vulnerabilities in its Patch Tuesday updates.

The software giant issued 13 bulletins, five rated critical, fixing 26 vulnerabilities across nearly all facets of its product line.

Microsoft SMB client and server vulnerabilities
Two high-priority vulnerabilities in the Microsoft Server Message Block, a protocol that handles communication between network devices, were addressed in Microsoft bulletin MS10-006. The remote code execution vulnerabilities exist on SMB clients and could be exploited by an attacker if they convince a user to initiate a connection with a malicious SMB server. The update is rated critical for Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows 7 and Windows Server 2008 R2; it is rated important for Windows Vista and Windows Server 2008.

Read full story.