<p>As part of its monthly Patch Tuesday security update, Microsoft (Nasdaq: MSFT) is fixing "critical" security holes in Windows, Internet Explorer (IE), Office, SharePoint Server, Visio Viewer and its Silverlight web plug-in.</p><p>A number of the critical vulnerabilities could enable a remote attacker to gain control of a computer, while others could allow a hacker to acquire the same privileges as the user on the server.</p><p>The vulnerability to SharePoint, Microsoft's enterprise content management and collaboration software, is of the latter type. "This one in particular could allow an attacker to elevate from an anonymous user to ownership of the SharePoint site, which could be very damaging. Fortunately, this is not under active attack," commented Paul Henry, security and forensic analyst with security firm Lumension.</p><p>Henry advised IT administrators to make plugging the IE holes a priority. "What's particularly concerning to me is that this is a remote code execution issue that critically affects the latest version of IE (IE 10) and in the two newest versions of Windows: Windows 8 and Windows RT. Fortunately, this issue has no known attacks in the wild. However, you should still plan to patch this immediately," Henry wrote in comments emailed to FierceEnterpriseCommunications.</p><p><a href="http://www.fierceenterprisecommunications.com/story/microsoft-plug-critical-holes-windows-ie-office-and-sharepoint/2013-03-11">Keep reading...</a></p>