Microsoft Word starts off the "naughty list" with a remote-code execution vulnerability that also affects Outlook 2007.
Critical: MS Word 2000, MS Outlook 2007
Important: MS Word 2002, 2003, MS Word Viewer 2003, Word Viewer 2003 SP3, MS Word 2007; MS Office Compatibility Pack for 2007 file formats, and MS Office 2004 and 2008 for MacOS
If you have Microsoft Update configured to deliver updates automatically, you'll be seeing these updates soon if they haven't arrived already. However, if you prefer to install them manually, see Microsoft Security Bulletin MS08-026 for links to each update.
Next on the list is Microsoft Publisher, which is also affected by a remote-code execution vulnerability
Number three on the naughty list is the Microsoft Jet Database engine with yet a third remote code execution security vulnerability. It's rated Critical for all affected operating systems:
Windows 2000 SP4
Windows XP SP2
Windows XP Professional x64
Windows Server 2003 SP1, x64, and Itanium SP1 editions
Windows Update and Microsoft Update are delivering these updates even as we speak, but for more information and links to the download files, stop by Microsoft Security Bulletin MS08-028.
Bad Malware Detection Engine Will Fix Itself
The Microsoft Malware Protection Engine, which powers Windows Defender, Windows Live OneCare, and other Redmond-developed security programs, has a denial of service vulnerability rated Moderate. See Microsoft Security Bulletin MS08-029 for details, but only if you're curious: the automatic update feature in affected security tools will install the appropriate update for you.
Wrapping Up Patch Tuesday
As usual, Microsoft also rolled out updates to Microsoft Outlook Junk email filters for Outlook 2003 and 2007.