Microsoft delivered its biggest patch release in five years yesterday, but this has been overshadowed by a newly discovered zero day hole in Internet Explorer that went unpatched. The exploit, first seen in China and other parts of Asia, targets Internet Explorer 7 on Windows XP and 2003 using malformed XML tags
to take control of the system.
Additionally, the zero day exploit has been joined by another one involving a memory problem
in Microsoft SQL Server 2000 and a third vulnerability
that appears to affect the WordPad Text Converter for Word 97. Microsoft says it is investigating the matter.