The software giant won't release specific vulnerability details until Tuesday, but the advance notification on the company's TechNet site does note that the Windows fix will be rated "important" and the Office fix will be "critical."
As it does every month, Microsoft warned that "although we do not anticipate any changes, the number of bulletins, products affected, restart information and severities are subject to change until released."
The upcoming patch release will be much smaller than those of the last three months. In August Microsoft released 12 security bulletins covering a range of problems in Windows, Office and Internet Explorer.
Seven security updates were released in July for flaws in Windows, Internet Explorer, Exchange, Media Player, PowerPoint and Word.
August 2006 proved particularly hairy for Microsoft. Bot herders used the Windows Server Service flaw fixed in MS06-040 to expand their army of zombie machines, and the cumulative Internet Explorer update in MS06-042 had to be re-released after causing system crashes and opening up a new vulnerability.
This article originally appeared on SearchSecurity.com.