"The bug must be in code [in Vista and Server 2008] from the older versions that was rewritten from scratch, or in something new," said Storms.
Kandek echoed that thought. "We know Vista uses lots of components and code from the older operating systems, but Microsoft also added new services," he said. "This seems to be a vulnerability in a new service."
Of the other bulletins, Kandek pointed to the SharePoint patch as perhaps the most interesting. "We don't see that very often, and it could be interesting because it's on the server side."
Storms, meanwhile, pointed out that the two updates for Office -- which will patch Word and Excel -- are probably fixes for file format bugs since both apply to not only the Windows versions of those applications, but also the corresponding editions for the Mac.
If Microsoft issues all eight bulletins -- at times it has dropped one at the last minute -- it will have released 77 for the year, up from 2007's total of 69 and close to 2006's 78, but far below 2000's record of 100 updates.