Microsoft has released a trio of security fixes that cover five vulnerabilities in Windows as part of its monthly patch release. 

Two of the patches address vulnerabilities that could allow remote code execution, allowing attackers to take control of a system. 

These involve vulnerabilities in Windows XP and Windows 2000 SP4. Microsoft gave one a security rating of 'important' and the other as 'moderate'.

The 'important' vulnerability affects the Microsoft Message Queuing Service (MMQS) which is part of the Pragmatic General Multicast (PGM).

Although it could allow an attacker to take control of a system the MMQS is not installed by default, Microsoft said in a security bulletin. 

The third vulnerability affects Microsoft Publisher 2000, 2002 and 2003.

Security firm McAfee warned that the 'important' Windows vulnerability is of most concern to end users. 

"Of the three announced today, the PGM vulnerability stands out because it can be remotely exploited without user interaction," said Monty Ijzerman, senior manager at McAfee's Global Threat Group.

Microsoft and McAfee urged users to download and install the patches.

Microsoft Security Bulletin MS06-052
Microsoft Security Bulletin MS06-053
Microsoft Security Bulletin MS06-054