Miller expects to see attackers glom onto the vulnerability once they have a chance to analyze the bug and craft their own exploits. "More and more will jump on this this month," Miller argued.

Wolfgang Kandek, chief technology officer at Qualys, agreed. "Now that [the advisory] is published, other malware authors will be looking at it to see what's there," Kandek said. "We're sure to see more attacks against this vulnerability."

Eight of the 11 bugs patched today -- including the one in MS12-027 -- were rated "critical" by Microsoft, its highest threat ranking. Another was pegged "important," and the remaining two were tagged as "moderate."

Microsoft identified , a five-patch fix for IE, as the other update to roll out ASAP.

The company typically releases an IE security update in even-numbered months; on those months, security professionals usually recommend that users apply the browser update first.