Five of this months security bulletins are rated critical and the remainder are classed as important.
A critical vulnerability in Windows Common Controls affects Office (2003, 2007, 2010), SQL Server (2000, 2005, 2008), Commerce Server (2002, 2007, 2009), Host Integration Server (2004), Visual FoxPro (8.0 and 9.0), and Visual Basic 6.0 Runtime.
This vulnerability - which allows remote code execution - has been used in targeted attacks, a Microsoft spokesperson stated.
For example, the bulletin is considered critical for IE8 in Windows 7, but moderate for IE7 in Windows Server 2008.
Four vulnerabilities in Windows networking components are addressed this month, with the most serious allowing remote code execution to be triggered by sending a malicious response to a print spooler request.
This bulletin affects all currently supported versions of Windows.
Microsoft recommends that the above three bulletins should be prioritised.