Is this the last Microsoft Update for 2004?

Microsoft managed to give a small holiday gift to network administrators this month: no critical patches.

The software giant released five patches to fix nine issues in its Windows operating systems on Tuesday, with none of the security holes rated as a serious threat. Microsoft warned last week that the fix would be coming.

Stephen Toulouse, a security programme manager in Microsoft's security response centre , said: "All the flaws have something about them that makes it more difficult for an attacker to exploit them."

Earlier this month, Microsoft issued an unscheduled critical patch for Internet Explorer. It plugged a security hole that opened PCs with the web browser up to attack by online fraudsters.

The five December advisories are the last fixes scheduled for release this year. If the company does not release any more security bulletins this month, it will have released 45 patches in 2004, down from 51 in 2003.

The current issues include problems with a format converter in WordPad software; flaws in the Microsoft implementation of Dynamic Host Configuration Protocol (DHCP), a standard for configuring small networks; an issue in the HyperTerminal application; and vulnerabilities in the Windows kernel. They also address two problems with the Windows Internet Naming Service (WINS) that were publicised last month.

The fixes variously affect a number of Windows operating systems. The latest version of Windows XP, known as Service Pack 2, requires three patches. For the most part, the effect of the nine flaws in the advisory was limited by the security updates in SP2, Microsoft's Toulouse said.

"We are seeing some indications that it is more resilient," he said.

Microsoft has recommended that all Windows XP users upgrade to Service Pack 2, which adds security features to Windows and removes applications that pose potential security risks. The patch can be downloaded through the Windows Update service.

Robert Lemos writes for CNET News.com.