Microsoft has outlined nine of the security bulletins it expects to release for its patch release on Tuesday.
Six of the bulletins address vulnerabilities that have a maximum severity rating of 'critical', Microsoft's highest alert level. The remaining three patches all carry a maximum rating of 'important'.
The potential impact of a vulnerability will commonly vary for different software versions, so Microsoft categorises each bulletin by its maximum risk level.
Five of the nine bulletins concern vulnerabilities found in software for Windows Vista. Of those, two are listed as 'critical' and three as 'important'.
The two critical vulnerabilities affecting Vista lie within the XML Core Services component and Internet Explorer 7. If exploited, both vulnerabilities could allow an attacker to remotely take control of a target system.
The three 'important' fixes address flaws in Internet Explorer 7, Media Player 11, and one bulletin for a flaw in Vista itself.
Other bulletins address critical vulnerabilities in Internet Explorer 6, Office 2000, and both Windows XP and 2000.
Also included in the update is a fix for a critical vulnerability in the OS X version of Office 2004. The same vulnerability is listed as critical for Windows XP and 2000, as well as Visual Basic 6.0.
Microsoft's Virtual PC virtualisation offering will also receive one patch, rated 'important'.
Additional bulletins may be added by Microsoft before the official monthly patch is released on Tuesday, 14 August.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago