Microsoft announced today that it will release an out-of-band patch
on Tuesday to fix nine security flaws in Internet Explorer. Among the holes is one (KB981374
) that affects IE6 and 7, which can be used to gain control of a computer. An Israeli security researcher published the code
for that vulnerability earlier this month and claimed the exploit had a 60 to 70% success rate.
Although that particular bug doesn't concern IE8, others in the cumulative patch do, so be sure to grab the update no matter what version of the browser you run. That said, the eight additional flaws were responsibly disclosed and Microsoft is unaware of any active attacks against them.
The patch will require a restart and should be released tomorrow around 10AM PDT. Microsoft will host a live webcast at 1PM
to present information on the bulletin and take questions. The next regularly scheduled Patch Tuesday is set for April 13.