The patch that will get the most news attention is likely to be CVE-2013-3660, which is a memory management problem in win32k.sys – the Windows Kernel. Code to exploit this flaw was added to Metasploit last month.