Microsoft has officially released its May security bulletin with fixes for some serious flaws including a zero-day flaw in Windows that is already being exploited in the wild.
The zero-day flaw stems from a vulnerability in the Windows DNS system and affects Windows 2000 Server and Windows Server 2003. The patches are now available through the Microsoft Security Advisory site.
As we mentioned last week, other bulletins address flaws in Windows, Office, Exchange and BizTalk, all four of which contain at least one patch rated as critical, meaning that an attacker can execute remote code to hijack a user's system.
The updates are recommended for all users.
