The three critical bulletins repair holes in DirectX versions 7.0 through 10.0, Internet Explorer versions 6 and 7 and Windows Media Format Runtime. All these holes allow code to be remotely injected and executed.
The important patches include two for Vista, and relate to remote code execution and elevation of user privileges. The other two both affect Windows XP as well as Windows 2000 and Windows Server 2003. Check out Microsoft's security bulletin for more information on next Tuesday’s patch.