Microsoft released five security bulletins for the month of April:
MS06-013--Cumulative Security Update for Internet Explorer (912812)
MS06-014--Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)
MS06-015--Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531)
MS06-016--Cumulative Security Update for Outlook Express (911567)
MS06-017--Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (917627)
The first four of these bulletins are primarily workstation risks. I recommend deploying MS06-013 and MS06-015 as soon as possible. MS06-013 is especially urgent because details of some exploits are public and attackers are already using them.
You might consider workarounds for MS06-014 and MS06-016, rather than deploying the updates for these two bulletins. MS06-014 includes a workaround, and I developed a workaround for MS06-016 (which you can read about at the URL below).
The final bulletin, MS06-017, impacts Microsoft IIS servers running Microsoft FrontPage Server Extensions or Microsoft SharePoint Team Services. Although Microsoft rates the severity of this exposure as only moderate, I recommend loading the update on all affected servers as soon as possible.
For more of my thoughts on all of these bulletins, go to
http://www.ultimatewindowssecurity.com/msbulletins.html