The update users should deploy first is , which includes bug fixes for all supported versions of Excel, including the newest Excel 2010 on Windows and Excel 2011 on the Mac, several security professionals said today.

"The Excel one because of the attack vector, through malformed files," said Andrew Storms, director of security operations at nCircle Security, when asked which update should move to the top of the list.

Others experts agreed.

"Top priority should be given to MS11-072, which fixes an arbitrary code execution vulnerability in Excel," said Wolfgang Kandek, the chief technology officer for Qualys, in an email. "It affects all versions of Excel including the most recent 2010 version...[and] to exploit this issue, attackers could create malicious Excel files, which, when opened on vulnerable hosts, can take control of the system."

"Excel-related email attachments and links have commonly been used in attacks on organizations and this one should be addressed," added Kurt Baumgartner, senior security researcher at Kaspersky Lab.