The final critical bulletin for February, MS14-008, addresses a privately disclosed vulnerability in Microsoft Forefront Protection for Exchange. The vulnerability could be exploited by a maliciously crafted email message sent to a Microsoft Exchange server monitored by Forefront security software.
Microsoft discontinued Forefront in 2012, though it will continue supporting the software with bug fixes through 2015, according to security firm Lumension.
The remaining important vulnerabilities cover issues found in Microsoft .Net and Microsoft Windows.
Kandek also urged administrators to apply Adobe's emergency patch for Flash, which was issued last week.