Windows Live Hotmail users have been venting their frustration at Microsoft Corp. for the past month since the software maker suddenly removed a popular feature because it created a security hole.

Three of the critical vulnerabilities Microsoft patched Tuesday in ActiveX controls for Office were first reported to the company two years ago, according to the security firm that alerted Microsoft of the flaws.

Microsoft yesterday confirmed that a single superfluous character in its own development code is responsible for the bug that has let hackers exploit Internet Explorer (IE) since early July.

As promised, Microsoft today patched six vulnerabilities in Internet Explorer (IE) and Visual Studio with the first "out-of-cycle" update since it plugged a hole last October that the Conficker worm later used to run rampant.

Microsoft has been forced to issue emergency patches for its Windows operating system after researchers discovered a way to bypass a critical security mechanism in the Internet Explorer browser.

Mozilla last week issued the first patch for Firefox 3.5, fixing a flaw that went public Monday. One noted contributor had called the flaw a "self-inflicted" vulnerability.

Microsoft today delivered six security updates that patch nine vulnerabilities, fixing two bugs already being used by hackers but leaving one still open to exploit.

Microsoft confirmed another zero-day vulnerability on Monday in a set of software components that ship in a wide variety of the company's products.

Microsoft today warned of a serious security vulnerability in a Spreadsheet ActiveX control that could allow for a drive-by-download attack against vulnerable PCs.