With hackers exploiting unpatched vulnerabilities in Microsoft's Windows and Office software, the company plans to issue 11 security updates next Tuesday. Some of the Office and Windows updates will be for critical flaws that could be exploited by attackers with no action on the part of users. Six of the patches will be for Windows, and four of them will be for Office, Microsoft said Thursday in a note on its Web site.

The 11th update will be for a flaw in Microsoft's .Net Framework, which is considered less severe than the critical Windows and Office patches.

Microsoft generally issues its security patches on the second Tuesday of every month, but last week the company was forced to issue a rare, out-of-cycle security patch after criminals began exploiting a flaw in Internet Explorer's Vector Markup Language rendering engine.

And security experts have also warned of cyberattacks based on unpatched flaws in PowerPoint, Word 2000 and in an ActiveX control (called WebViewFolderIcon) used by the Windows' graphical user interface software.

The WebViewFolderIcon flaw will be patched Tuesday, Microsoft said. Attacks that take advantage of this flaw have been seen on the Internet, the SANS Internet Storm Center warned earlier this week.