The platforms affected by the critical vulnerabilities include Active Directory, Internet Explorer, Host Integration Server and Excel. In all, Microsoft issued 11 patches (). In addition to the four that were critical, six were listed as important and one as moderate.

The patches were listed as MS08-056 through MS08-066.

"There is a nasty bunch of remotely exploited items," says Eric Schultze, CTO of Shavlik Technologies. He says the vulnerabilities this month are centered more on remote execution rather than "visit this evil Web site and get hacked."

"We are getting into more vulnerabilities that hit the infrastructure, the Windows kernel, Active Directory, protocol overflows,"he says. "If you have a Windows 2000 domain controller you are hosed."

In the Active Directory vulnerability, numbered as MS08-060, anyone on a corporate network can send a series of packets to the domain controller and take over the domain. The vulnerability only affects Windows 2000.