Microsoft has announced that it will release an out of band patch for the vulnerability in Internet Explorer as outlined in the Microsoft Security Advisory 961051.
The patch will be released on the 17th December 2008.
Microsoft will host two webcasts to address questions on the patch. The first is scheduled for 13:00 Pacific Time (US Canada) on the 17th of December , you can register for this webcast at http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032399448Culture=en-US.
The second is scheduled for 11:00 AM Pacific Time (US Canada) on the 18th of December , you can register for this webcast at http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032399449Culture=en-US
More details on this out of patch band are available at http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx
I was interviewed about this vulnerability on this evening’s Last Word Show on Today FM by Matt Cooper. A podcast of the show is available here, my piece is about 5 minutes in from the beginning.
I found it interesting to see how today a security vulnerability is getting press attention, whereas a few years ago it would be computer viruses. Have we moved on to realise that the threat landscape is changing?