Both bulletins are rated “important” because of the risk compromising the confidentiality, integrity or availability of user data.
Microsoft is recommending that Windows and Office users review its Advance Notification webpage and prepare to deploy the bulletins as soon as possible.
Customers should note that both bulletins will address issues that would require a user to open a specially crafted file. There are no network based attack vectors.
The patches will be released on March 9, 2009 around 11AM EST.