Microsoft patches critical XML Core Services flaw
Three flaws are contained in versions of XML Core Services, used in a variety of programs in Microsoft Office and Microsoft Windows. The software maker said an attacker could exploit the flaw remotely to gain access to critical data and take control of an affected machine
I would recommend to always do Windows Updates
I do, and have only been caught out once, which was resolved by MS immediately