That pattern -- this is an even-numbered month -- hints at kernel patches among the 64 slated for next week.

Another clue to the composition of Tuesday's updates came from Aaron Portnoy, manager of HP TippingPoint's security research team. In a yesterday, Portnoy said, "I had heard a good deal of that is due to @kernelpool," as he replied to French security company Vupen's note that Microsoft will patch a record number of flaws.

"Kernelpool" is the nickname of Norwegian security researcher Tarjei Mandt, who works for Norman ASA, an anti-virus firm headquartered in an Oslo suburb.

Mandt reported five of the kernel vulnerabilities Microsoft patched two months ago, and several others in 2010. And at the Black Hat security conference held in Washington D.C. in January, Mandt led a presentation and published a paper ( ) on "kernel pool" exploitation techniques in Windows 7.

In the paper, Mandt said, "In spite of the security measures introduced [in Windows 7, it] is still susceptible to generic kernel pool attacks."