We
wanted to provide a quick update on the threat landscape and announce
that we will release a security update out-of-band to help protect
customers from this vulnerability.
Based
on our comprehensive monitoring of the threat landscape we continue to
see very limited, and in some cases, targeted attacks. To date, the
only successful attacks that we are aware of have been against Internet
Explorer 6. We continue to recommend customers upgrade to Internet Explorer 8 to benefit from the improved security protection it offers. We also recommend customers consider deploying the workarounds and mitigations provided in Security Advisory 979352.
Given
the significant level of attention this issue has generated, confusion
about what customers can do to protect themselves and the escalating
threat environment Microsoft will release a security update out-of-band
for this vulnerability.
We
take the decision to go out-of-band very seriously given the impact to
customers, but we believe releasing an update out-of-band update is the
right decision at this time. We will provide the specific timing of
the release tomorrow.
As
always, we’re continuing to investigate this situation, so customers
should look for the latest updates here on the Microsoft Security
Response Center blog.
Thank you,
George Stathakopoulos
General Manager
Trustworthy Computing Security
*This posting is provided "AS IS" with no warranties, and confers no rights*
http://blogs.technet.com/msrc/archive/2010/01/19/security-advisory-979352-going-out-of-band.aspx