Microsoft plans to remedy several security flaws this coming Tuesday when it releases nearly a dozen patches, including a few critical fixes for problems in Office and Windows.
The software giant will release six updates altogether for its operating system and four for the Office suite, according to a bulletin sent out by Microsoft this week. Some of the patches are rated "critical," a label that denotes the company's highest threat level.
Dangerous Knowledge
"It is always important to release the patch after vulnerabilities appear," said Joe Wilcox, an analyst at Jupiter Research. "Unfortunately, it is a situation where knowledge can work against everybody."
Wilcox noted that issuing security bulletins about coming patches can alert hackers to vulnerabilities they might not have been previously aware of. "Issuing a patch for a vulnerability often tells the bad guys about a vulnerability they didn't know existed," he said. "They can then go back and exploit [those flaws]."
That is why it is important, he went on to say, for those using Microsoft products to check monthly security bulletins and patch any affected systems in a timely manner.
Patch Tuesday
Microsoft normally releases its patches on the second Tuesday of every month. However, the company was almost forced to supply a fix for a few of the problems sooner because of the severity of the flaws, according to the SANS Storm Center.
The Storm Center warned users earlier this week of hackers actively exploiting unpatched flaws in Microsoft PowerPoint and in Word 2000.
In fact, Microsoft did issue an out-of-cycle fix for a critical Internet Explorer flaw last week. Microsoft released the patch early because the company was concerned about the risk to users.
Discovered by Sunbelt Software, the vulnerability involved the way that the browser handles Vector Markup Language (VML) graphics. Reports had emerged that hackers were exploiting the flaw by creating Web pages that could download spyware or keyloggers onto a user's system.