“Microsoft Corp. disclosed several security flaws Thursday, including ‘critical’ problems in many versions of its Windows operating system,” reports Wired.com.

“The flaws were detailed in four security bulletins, which urged users to download software patches from Microsoft’s Web site.”

“The flaws in most versions of Microsoft Windows occur in the help function and could allow attackers to gain control of the user’s system. Microsoft reported other flaws, which range from moderate to critical severity, in some versions of Microsoft Windows, SQL Server, and other software programs.”

“On another security front, the National Infrastructure Protection Center alerted computers users Thursday to a worm, called the ‘W32.Bugbear or I-Worm.Tanatos.’ The worm is sent as an e-mail attachment and ‘appears to target machines running Microsoft software.’”

“Some subject lines for the e-mail are ‘bad news,’ ‘Membership Confirmation,’ ‘Market Update Report,’ and ‘Your Gift.’ The worm has infected more than 22,000 systems since Wednesday, the agency reported, and can give attackers access to victims’ personal information and passwords. The agency urged computer users to download a patch issued by Microsoft last year, Microsoft Security Bulletin MS01-027.”

“The latest bulletins came a day after Microsoft chief executive Steve Ballmer sent an e-mail to customers reiterating the company’s commitment to improving the security and reliability of its software.”