Microsoft has released their Advance Notification for the December 2014 security bulletins. There will be a total of seven bulletins, three of which will update critical vulnerabilities.
Critical update affects Windows Vista, Windows 7, Windows Server 2003 and Windows Server 2008
The critical update also affect Exchange Email Product Line as well as Office 2010. Office 2013 and even Office Web Apps.
So it looks like there is a need to patch as soon as these are released.
Don’t forget to patch, and update your MSRT (Malicious Software Removal Tool)
Source: zdnet
For more info and details: Microsoft Security Bulletin Advance Notification for December 2014