I am alarmed that a routine driver update for a modem would be classified as "Critical." Whenever the driver for a telecommunications device is issued a "critical" upgrade, there's usually one of three things at play:
- The current driver may be trivially exploited for snooping network traffic (e.g., goes into "promiscuous mode" readily), or
- The current driver may allow for a delayed or silent re-activation/dial-out by a trojan or worm. This could basically turn the affected system into a zombie for DDoS clients or spam relaying points, or
- The device may be trivially knocked over by a remote attacker.
Considering the timing of this update, I wouldn't be the least bit surprised if there were a hidden surprise in the Sasser worm that relates to this.