On Monday, the Microsoft Security Response Center (MSRC) also acknowledged that it was investigating reports of what it called "limited, targeted attacks" on a bug in IE that it will patch later today.
Mandt cautioned that the kernel-mode driver bugs he reported might be exploitable using the methods he outlined at Black Hat.
"I believe some of the vulnerabilities could be exploited using the techniques presented in the paper as they operate on data stored in the kernel pool," Mandt said.
Today's updates for Windows, IE, Office and other Microsoft software should appear on the company's download site shortly after 1 p.m. ET. They will also be made available through the Windows Update and Microsoft Update services, and the Windows Server Update Services tool.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed. His email address is email@example.com.
Read more about security in Computerworld's Security Topic Center.