Patch MS12-027 Now--Zero Day Flaw Being Actively Exploited

10.04.2012

Wolfgang Kandek, CTO of , also puts MS12-027 at the top of the priority list. Kandek cautions that not only are exploits already out there in the wild, but malware developers will likely target the vulnerability even more now that they can reverse-engineer the patch.

nCircle's Tyler Reguly warns that the scope of this threat, and the work involved in patching affected applications, may be overwhelming for some businesses. He stresses, "This bulletin is a great example of why developers should use shared libraries wherever possible. This should be a simple Windows patch but instead we're seeing every affected application patch the problem independently."

Again, Miller concurs. He says that software developers are going to have to be diligent about reviewing the details of this bulletin and addressing any issues it may present for applications they have written.

Miller clarifies, "Any developer that has released an ActiveX control should review the information for this security bulletin. These developers may need to release updates to their own software to ensure they are not using a vulnerable file in their ActiveX control."

With all of the attention on MS12-027, though, don't lose sight of the fact that there are three other Critical security bulletins to address as well, and Important security bulletins shouldn't be ignored. Review all of the security bulletins and prioritize them to deploy all of the applicable updates as quickly as possible.