Microsoft Word starts off the "naughty list" with a remote-code execution vulnerability that also affects Outlook 2007.
If you have Microsoft Update configured to deliver updates automatically, you'll be seeing these updates soon if they haven't arrived already. However, if you prefer to install them manually, see Microsoft Security Bulletin MS08-026 for links to each update.
Next on the list is Microsoft Publisher, which is also affected by a remote-code execution vulnerability
If you're not running Microsoft Update, download the updates by visiting Microsoft Security Bulletin MS08-027 .
Number three on the naughty list is the Microsoft Jet Database engine with yet a third remote code execution security vulnerability. It's rated Critical for all affected operating systems:
Windows Update and Microsoft Update are delivering these updates even as we speak, but for more information and links to the download files, stop by Microsoft Security Bulletin MS08-028 .