Microsoft to Issue Unscheduled Patch

July 25, 2009

Microsoft has announced that next Tuesday, July 28, they will issue an urgent security patch outside of their normal second-Tuesday-of-the-month schedule.  The major vulnerability to be addressed by this patch affects Internet Explorer and related components in all supported versions of Windows and Internet Explorer.   The risk is rated as Critical for all Windows versions except Windows Server 2003 and 2008.  There is also a fix for a vulnerability in the Visual Studio software development tool, which is rated as a Moderate risk.

Although Microsoft does not say so directly, it is likely that the Critical flaw affects one or more of the dynamic link libraries (.DLL files) that are used by Internet Explorer, and elsewhere in Windows.  If this is the case, it means that the flaw may potentially exist in other, non-Microsoft applications that call these libraries.  Because of this, and because Microsoft does not generally release patches outside its normal monthly schedule just for kicks, I suggest that you try to install this one as soon as you reasonably can.

Brian Krebs, in his “Security Fix” blog at the Washington Post, also has an article about the upcoming patch.

%d bloggers like this: