Microsoft this month released two security bulletins for Windows and its components this month, both with a Critical severity rating. The first, MS10-030, addresses vulnerabilities in Outlook Express, Windows Mail, and Windows Live Mail; a proof-of-concept exploit has been published for these vulnerabilities. The second bulletin, MS10-031, fixes vulnerabilities in Visual Basic for Applications, which is used as a scripting language in MS Office and other applications. Further information and download links are in the Security Bulletin Summary.
Because of the severity of these vulnerabilities, and the fact that an exploit for some of them has been published, I recommend that you install the updates as soon as you can.