"Microsoft published four patches on Tuesday to close serious vulnerabilities in its Internet Explorer browser, Exchange e-mail server and Microsoft SQL server.
The fixes, which were released on Microsoft's regular monthly schedule, close two Critical vulnerabilities in Internet Explorer 7 running on Windows XP that could allow a malicious Web site the ability to run code on a vulnerable visitor's system. The flaws are considered only Moderate for other versions of Windows.
A second patch fixes two flaws in Microsoft's Exchange e-mail server, one of which could let an attacker take control of a company's e-mail system. The company stressed that any exploit code developed to take advantage of the flaw would likely work inconsistently at bes"
Read more: http://www.securityfocus.com/brief/906
Microsoft's Advisory: http://www.microsoft.com/technet/security/Bulletin/MS09-002.mspx