One of the updates, labeled Bulletin 4, looks like the one that should top the to-do list next Tuesday when Microsoft ships its monthly security updates, said a security expert.

The quartet marked "critical," Microsoft's most dire threat ranking in its four-step score, included Windows, Internet Explorer (IE) and Office updates, while the remaining pair were tagged "important," the second-level rating. Five of the six -- including one of those labeled as important -- will patch bugs that Microsoft said could be exploited by attackers to compromise PCs and plant malware on victimized machines.

"[Bulletin 4] is a head scratcher," said Andrew Storms, director of security operations at nCircle Security. "Usually a bulletin covers developer tools or servers or Office, but whammo, here's one with everything."

Bulletin 4, according to Microsoft's for April's Patch Tuesday, will affect Office 2003 through 2010 on Windows, SQL Server 2000 through 2008 R2, BizTalk Server 2002, Commerce Server 2002 through 2009 R2, Visual FoxPro 8 and Visual Basic 6 Runtime.

That's a lot of products, Storms said.