Document preview was once a widely-used hacker tactic, but it has fallen out of favor. "We haven't seen any for a while, so it's interesting when something like this resurfaces," Storms said.

Jason Miller, manager of research and development at VMware, also tapped MS12-064 as the update that needed immediate attention, as did others, including Wolfgang Kandek, CTO of Qualys, and Marcus Carey, a security researcher at Rapid7.

"RTF documents are typically not blocked by company email servers," observed Miller. "Also, RTF documents, like PDF documents, are commonly used for sharing documents between different companies."

Although the remaining half-dozen bulletins -- Microsoft's term for its Patch Tuesday updates -- were all rated as only important, some researchers spotted intriguing characteristics that they said deserve users' attention.

"I'd pick next, after the Word update," said Storms, referring to the one-patch update that patches a bug allowing attackers to bypass SafeHTML's protection.