Microsoft is due to deliver two critical security fixes for Office, IE and Windows in June's Patch Tuesday next week.
The two bulletins will address a pair of remote code execution flaws also affecting Lync and will be accompanied by five others rated as important by Redmond.
The second critical bulletin addresses at least one flaw present in Windows, Office and Lync, though it won't publish specifics until after the patch has been issued.
But Russ Ernst, director of product management at patch management firm Lumension, said its impact would be wide-ranging: "Get ready for what looks like a far-reaching, critical bulletin in number two. Its impact list includes all versions of Microsoft Windows, Office 2007 and 2010 and Lync 2010 and 2013.
IE was affected last month too, with an out-of-band patch issued, a point fix released and a vulnerability revealed without a Microsoft fix by HP's Zero-Day Initiative.
Ernst added: "Last month, IE saw a lot of activity.We will have to wait and see if June Patch Tuesday is a cumulative update for the popular browser but odds are it will be."
Redmond has confirmed it will release the latest round of updates on Tuesday, June 10 at approximately 6pm UK time.
Qualys is the leading provider of on demand IT security risk and compliance solutions - delivered as a service. Qualys solutions enable...