Both of the security holes could be used by hackers to execute code remotely on a user's PC and take full control.
"An attacker could then install programs, view, change or delete data, or create new accounts with full user rights," said the Microsoft statement accompanying the update.
"The vulnerability in Exchange Server poses a serious concern as it does not require any user interaction to be exploited, making the vulnerability a worm candidate."
Ijzerman also said it was "interesting" that Microsoft had issued a patch for vulnerabilities that were previously patched by Adobe.
"This is the first time in recent memory that Microsoft has published a patch for third-party software," he explained.
"In this case, it is probably because the Macromedia patch was not widely deployed and Microsoft's updates will help ensure that its customers are protected."
Tuesday's update also fixes a denial of service vulnerability in Microsoft Distributed Transaction Coordinator (MSDTC).
The problem could be exploited to send a specially crafted network message to an affected system that would stop it responding. Microsoft rated the MSDTC update as 'moderate'.
RTX 280 Ti will come with 11GB of fast GDDR6 video RAM with a 352-bit memory bus offering 616Gbps
The scale of jobs lost to automation will be at least as large as those in the first three industrial revolutions
Latest Tesla news: Tesla stock price tanks amid reports of 'widening probe' by SEC and claims the base Model 3 loses money
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC