Two bulletins, both considered critical:
MS10-30:Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution (978542)
MS10-31: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (978213)
Info here: http://www.microsoft.com/technet/security/bulletin/ms10-may.mspx
Tom Kelchner