February Microsoft patch released on 10th December, fixes critical flaw on the following applications. If your automatic update turned off, make sure you check for update and install this patch immediately.

• Internet Explorer 7 – Fix flaw that allow a malicious Web site to install malware on a vulnerable PC.

• Visio – Fix flaw where attacker can run any command if you open a hacked Visio file.

• Microsoft Exchange – Fix flaw where Microsoft Exchange could be taken over by a specially crafted TNEF message sent to it by an attacker.

• SQL server – Fixing flaw for possibly another attack after successful SQL injection attack.

The patches run on one of my notebook for IE7 and SQL server flaw.