First up there's the Excel vulnerability. Microsoft officials say the affected versions of Excel are part of Office 2000, 2002, 2003, 2004, 2007 and 2008, and that the Open XML File Format Converter for Mac is also vulnerable.
The good news is that exploits have only been seen for Office 2007 running in Windows 2000 and XP, and that other versions are more likely to crash than execute the malware embedded in the rogue documents.
Furthermore, the vulnerability relates to the older binary .xls file format, not the current XML-based .xlsx format.
It also seems that the real-world attacks detected so far have been narrowly targeted.
While the risks are slight, it would seem wise to be especially cautious if an unexpected .xls file turns up in your email before Microsoft releases a patch.
Though it's not clear when that's likely to be, March's Patch Tuesday seems a likely target.
Vulnerability number two comes from Adobe - but Apple's implicated too. See page two.
Secondly, there's a vulnerability in Adobe Reader and Acrobat. Malicious PDF files can use this to get up to no good - one exploit installs a remote access backdoor on Windows systems.
It appears that Reader 9 and earlier and Acrobat 9 and earlier are affected by the vulnerability, and Adobe doesn't qualify this with reference to specific platforms. The company plans to release an update by March 11 (the day after Microsoft's Patch Tuesday).
The bad news for Mac users is that Intego has determined that the PDF handling code in Mac OS X 10.5 also has this vulnerability. That means it could be exploited by a PDF that's opened in Preview, Safari, Mail or even Quick Look.
There's no known Mac exploit for this issue, but opening PDF files is such a commonplace activity that it does present a worry.
Not opening PDFs is hardly an option, so its fortunate that many desktop and gateway security products now provide protection against attacks targeting this vulnerability.
The third flaw is in another Adobe product - find out which on page 3.
Issue number three also involves Adobe, but this time the product is Flash Player.
Adobe recommends users update to Flash Player version 10.0.22.87, which corrects the issue. The company has also released Flash Player 220.127.116.11 for those who cannot upgrade to Flash Player 10.
The issue was originally disclosed to Adobe last October.
The "critical" update also addresses input validation, clickjacking and privilege escalation issues in Flash Player. Some of those issues are specific to Windows or Linux.
The latest version of Flash Player can be installed using the software's auto-update mechanism or by downloading it from Adobe's web site.
The company recommends that users check the version of Flash Player installed in each of the browsers they use.