Microsoft has released several critical updates for both Windows, Exchange and Office. Some of these vulnerabilities allow priviledge elevation (MS04-032). Some allow arbitary code execution via Windows Metafile (MS04-032), Excel workbooks (MS04-033) or zip files (MS-034). There is also update for the patch of the JPG vulnerability (MS04-028).
Further information and complete list of the updates is available at Microsoft's TechNet Security site: