On Tuesday, Microsoft released patches to fix 12 security vulnerabilities involving Microsoft Windows, Internet Explorer, Media Player, Word, and PowerPoint. On Wednesday, code appeared online to exploit these holes.

Although the code is circulating, there are currently no reports of it being used in an actual attack.

In a statement to CNet, Microsoft said: "Microsoft is aware that detailed exploit code was published on the internet for some of the vulnerabilities.

"With the exception of MS06-027 (the Word malware that began circulating last month), Microsoft is not currently aware of any active attacks utilising this exploit code...the exploit code does not affect users who have installed all June security updates."

Eight of the twelve updates released were critical and all Windows users are advised to install them as quickly as possible.

More from CNet here. ®

Related stories

• Shrinking patch windows hit by automated attacks (21 April 2008)
• Trojan download site spoofs IE7 release outlet (18 October 2006)
• Busy Patch Tuesday looms (6 October 2006)
• Trojan exploits unpatched PowerPoint vulnerability (21 August 2006)
• MS releases dirty dozen (9 August 2006)
• Five critical updates mark MS Patch Tuesday (12 July 2006)
• Unauthorised apps bigger threat than malware (21 June 2006)
• MS June update fixes dangerous Word flaw (14 June 2006)
• Database Myths and Legends 'Microsoft was caught stealing secrets from Borland' (13 June 2006)
• MS clean-up stats shed light on malware infections (13 June 2006)
• Letters Microsoft WGA row continues (12 June 2006)
• Researchers eye machines to tackle malware (10 June 2006)
• Microsoft's Patch Tuesday looks like a whopper (9 June 2006)