It's time once again for monthly updates from Microsoft.
Microsoft Office Word and Publisher reportedly have Remote Code Execution vulnerabilities which could be exploited by remote attackers. Various Office versions are affected.
The three vulnerabilities are highly critical and we recommend users to apply the latest updates.
Microsoft Malware Protection Engine, a component of their antivirus products, reportedly has two denial of service vulnerabilities. The vulnerabilities can be exploited remotely and can cause the malware engine to stop responding or to restart while scanning a specially-crafted file. It may also exhaust available disk space.
The issue of specially-crafted files affected all antivirus vendors. We fixed it a few months ago with automatic hotfixes. You can read the Security Bulletins here and here.