Starting with the October 2008 security bulletins, Microsoft will include valuable information related to how likely exploits might be developed for each individual security update.  This new rating system can help administrators better identify higy priority updates.  All security updates are of a critical nature and after testing they should be applied as quickly as possible.   

Microsoft implements new Exploitability Index for Security Releases
http://blogs.technet.com/ecostrat/archive/2008/08/05/predicting-the-future-microsoft-launches-an-exploitability-index.aspx
http://blogs.zdnet.com/security/?p=1632
http://www.informationweek.com/news/security/management/showArticle.jhtml?articleID=209903295

QUOTE: The Microsoft Exploitability Index aims to help IT administrators prioritize patches by rating the likelihood that vulnerabilities will be exploited.
 
The Exploitability Index is Microsoft's attempt to deal with what has become an unfortunate, predictable pattern: Microsoft issues a Security Bulletin and cybercriminals answer with code designed to exploit the newly disclosed vulnerabilities.

Starting with its October patch cycle, Microsoft plans to rate the likelihood that vulnerabilities will be exploited. It will do so to help administrators prioritize patches.

Vulnerabilities will be rated with one of three designations: Consistent Exploit Code Likely, Inconsistent Exploit Code Likely, and Functioning Exploit Code Unlikely. The first designation describes a vulnerability that would produce consistent results if exploited; the second designation describes a vulnerability that is difficult to exploit or would produce inconsistent results; the third designation describes a vulnerability that would be very difficult to exploit and thus might not warrant an immediate patch.