Microsoft delivers four patches for July

Microsoft has delivered the July edition of its monthly security update.

The company said that the update will consist of four security bulletins addressing five vulnerabilities within Microsoft Windows and Office.

Four of the bulletins have been listed as 'critical' fixes, while the fourth is considered an 'important' risk. If exploited, each of the flaws could be used to perform remote code execution attacks.

Among the highest-priority fixes is a patch for the infamous 'Help Center' vulnerability in Windows. First disclosed in early June, the discovery of the flaw and its handling by Microsoft has triggered heated debate within the security community.

Also patched in the monthly release is a remote code execution flaw in Office Outlook.

While the vulnerability is not considered a 'critical' risk because attack requires tricking the user into launching a file attachment rather than embedding attack code on a web page, Microsoft is classifying the update as a top deployment priority due to the scope of a possible attack.

The two remaining bulletins address remote code execution and denial of service attacks in the Canonical Display Driver component and a remote code execution flaw for Office Access. The company recommends IT managers move the Access bulletin to a top priority for systems running the database tool.

The update also marked the end of support for two older products. Microsoft said that as of 13 July, it will no longer be offering support for Windows 2000 or Windows XP SP2 systems. Users are being advised to update their XP systems to the SP3 release.