Microsoft plans to release 10 security bulletins as part of its Patch Tuesday update cycle next week, including critical updates affecting Internet Explorer, Word, Excel and Office.
On Thursday in a June advance notification on Microsoft's TechNet site, the software giant said six of the 10 security bulletins are rated critical.
The Patch Tuesday release will not include a Microsoft security fix addressing a DirectShow vulnerability being actively targeted in the wild. Microsoft said it would release a fix either next month or in an out of band release.
"Our security teams are working hard on a security update that addresses this issue to protect customers, but we do not yet have an update that has reached the appropriate level of quality for broad distribution," Christopher Budd, Microsoft security response communications lead said in a statement.
Hackers are targeting a QuickTime handling flaw in DirectShow. The vulnerability enables attackers to create drive-by exploits that target Windows Media Player, which uses DirectShow media-streaming architecture.
Microsoft also plans to release a fix for users of Microsoft Office for Mac, repairing critical PowerPoint flaws patched for other Windows-based versions last month. MS09-017 was the only security bulletin the software giant issued last month. The remote code execution vulnerabilities in Microsoft Office PowerPoint included several memory corruption flaws, legacy file handling errors and an integer overflow error.