In a surprisingly painful monthly security patch release, Microsoft issued nine security updates, fixing 19 security problems—a whopping 15 of which earned the highest rating of "critical." Critical flaws are those that could lead to a hacker remotely controlling your PC without the user's unintended help.

Five of the fixes involve the Active Template Library (ATL) programming interface for the aging and insecure ActiveX component technology. ActiveX components are most often associated with Microsoft Internet Explorer (IE), but they're used all over Microsoft's products, and four of the fixes issued this week are for ActiveX controls in various versions of Microsoft Office.

The patches apply to numerous Windows versions, including Windows Server 2008, Windows Vista, Windows Server 2003, Windows XP, and Windows 2000. None of the fixes apply to Windows 7.

As always, readers are advised to leave Automatic Updates enabled and configured to automatically download and install critical fixes. You can manually check for any fixes by visiting Windows Update, and you can find more information about this month's security fixes by visiting the Microsoft website.