Here's what's in this month's supersize collection.

MS15-018 is a Cumulative Security Update that addresses an even dozen vulnerabilities and affects all supported versions of Internet Explorer. It includes the fix for a cross-site scripting vulnerability that was publicly disclosed prior to February's Patch Tuesday but didn't make last month's fixes . Another fix is in response to a memory corruption vulnerability that has also been publicly disclosed, although the official CVE page hasn't yet been updated with details.

MS15-019 repairs a scripting vulnerability (3040297) in some older Windows versions; it doesn't affect Windows 7 and later desktop versions or the equivalent server versions, Windows Server 2012 and 2012 R2.

MS15-020 fixes a flaw in the way Microsoft Text Services handles objects in memory and how Microsoft Windows handles the loading of DLL files. MS15-021 addresses an issue with the Adobe Font Driver. Both vulnerabilities could theoretically allow remote code execution, although Microsoft's summaries say that possibility is unlikely.

MS15-022 applies to all supported Microsoft Office versions (2007, 2010, and 2013), as well as the server-based Office Web Apps and SharePoint Server products. It fixes three known vulnerabilities in Office document formats as well as multiple cross-site scripting issues for SharePoint Server. The worst outcome allows remote code execution.