Pocket-lint reported that Microsoft was planning on releasing at least one patch for a "critical" flaw in its June security update, based on pre-release information.
However, now that the updates are ready for download, it turns out that eight of the 12 patches have been labelled "critical".
The affected programs are Internet Explorer 5.01 to 6, Media Player 7.1 to 10, Jscript 5.1 to 5.6, Windows from 98 to XP SP2 and Server 2003, Office Works, and PowerPoint (versions from 2000 to 2005).
The bugs could allow a hacker to remotely run code on a targeted PC.
Three of the patches have been rated "Important", rather than "Critical", because although a similar attack could be carried out, it's not as big of a risk. One bug is found in the Routing and Remote Access Service, which is de-activated by default, while another exists in the Microsoft Exchange Service. For a hacker to exploit it, he or she needs express permission from the targeted system's user.