Microsoft Corp. on Tuesday released three security patches to fix holes in its Windows and Office software and warned one of the vulnerabilities was critical because it could allow an attacker to take over a user's computer.

The world's biggest software maker said the single flaw rated at critical - the highest level - related to Microsoft Publisher, which is included with some editions of Office. The other vulnerabilities were ranked at the next highest levels of important and moderate and affected its Windows software.

Attackers see home users as the weakest link in the security chain and are increasingly targeting this group in an effort to profit, Oliver Friedrichs, an expert at security software maker Symantec Corp..

Microsoft, whose Windows operating system runs on 90 percent of the world's computers, issued the patches as part of its monthly security bulletin.

The company defines a flaw as critical when the vulnerability could allow a damaging Internet worm to replicate without the user doing anything to the machine.

The company has been working for more than three years to improve the security and reliability of its software as more and more malicious software target weaknesses in Windows and other Microsoft software.

The latest patches can be downloaded at