Microsoft released two patches on Tuesday, a cumulative update for Internet Explorer that fixes four flaws and a fix for a kernel-based privilege-escalation vulnerability.

The update to Internet Explorer fixes a previously known flaw that was recently exploited. The flaw, originally found in May and classified as a crash bug, was thought to be safe from exploitation.

The cumulative update to Internet Explorer also disables the ActiveX control marked safe for scripting by the uninstaller for Sony's controversial copy protection measures. The uninstaller left behind the ActiveX control and created a vulnerability that could be exploited by a malicious Web site.

As the last scheduled patches for this year, the two patches bring the software giant's total security updates to 55 in 2005, ten more than in 2004.