released three patches – two of which it deems critical – on Tuesday in the May edition of its regular Tuesday update cycle.

Most seriously there’s a critical vulnerability in Microsoft Exchange which allows remote code execution (MS06-019). This bug in Microsoft Exchange’s calendar function could lead to a worm, tools firm ISS warns.

Read more: Exchange flaw poses ‘worm risk’