Critical Patch Tuesday bulletin addresses Microsoft Office attack seen in the wild

10.04.2012

Miller urges Microsoft customers to treat a separate patch for an Internet Explorer vulnerability with just as much importance as MS12-027. Part of the reason for concern over the vulnerabilities patched in MS12-023 is that they lie in Web browsers that are used often by end users who may not have security in mind, Miller says. The other part is the high likelihood of attacks within the next 30 days, as suggested by the rating of 1 that Microsoft gave MS12-023 on its Exploitability Index.

"That's going to be a prime target for people. With the bi-monthly update, it should definitely be at the top of the list of what you're looking at," Miller says. "A lot of the vulnerabilities fixed are drive-by scenarios, so you're probably going to see some malicious sites popping up."

MS12-023 addresses a vulnerability that affects Internet Explorer Versions 6 through 9, and comes before the patch for the IE exploit .

Two of the remaining bulletins were also rated critical and address remote code execution vulnerabilities in and the .Net framework. The remaining two, deemed "important," address exploits in Office and Forefront Unified Access Gateway.

The six security bulletins issued in April bring Microsoft's total to 28 in 2012. In comparison, the company issued 34 bulletins through the first four months of last year, half of which came in April.