The alert for Office is deemed "critical," Microsoft's highest risk rating, the company said in a notice posted on its Web site on Thursday. The Windows bulletin is rated "important," one notch lower on Microsoft's rating system.
Microsoft rates as critical any security threat that could allow a malicious Internet worm to spread without any action required on the part of the user. Problems deemed "important" could be exploited to compromise the confidentiality, integrity or availability of data, or the integrity or availability of processing resources, according to the company.
Last month, Microsoftalso covering flaws in Office and Windows. Two of those bulletins were tagged critical. On Wednesday, it emerged that one of last month's patches can for users of Microsoft's Windows Media Player 10.
Microsoft's notice did not specify which components of Windows or Office are being repaired with Tuesday's patches or how many flaws the update will tackle. Security researchers with eEye Digital Security list one vulnerability on their Web site for which a fix is considered overdue.
As part of its monthly patch day, Microsoft also plans to release an updated version of the Windows Malicious Software Removal Tool. The software detects and removes common malicious code placed on computers.
The company gave no further information on the upcoming bulletins, other than stating that the Office fix may require restarting the computer. The Windows fix will not require a restart, Microsoft said.
The Redmond, Wash., software maker offers advance notification about patches so people can get ready to install the updates.
Microsoft said it will host a Webcast about the new fixes on Wednesday at 11 a.m. PT.