Microsoft has made three security patches available today:
Vulnerability in HTML Help Could Allow Code Execution (890175)
Executive Summary
A vulnerability exists in Windows that could allow remote code execution on an affected system
Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)
Executive Summary
A vulnerability exists in Windows that could allow remote code execution on an affected system.
Vulnerability in Indexing Service Could Allow Remote Code Execution (871250)
Executive Summary
A vulnerability exists in the Indexing Service that could allow remote code execution on an affected system. The Indexing Service is not enabled by default on the affected systems.
They can be found through the Windows Update service or download them directly here