Microsoft is helping define the importance of patches based on exploit likelihood. This might fit with a risk assessment but it is unlikely to really change the need for rapid patching. My question is does this really help you make a prioritization? I think that with the release of a patch these indexes might change rapidly and MS will have to adjust the index.
|Exploitability Index Assessment
|Consistent exploit code likely
|Inconsistent exploit code likely
|Functioning exploit code unlikely