As previously announced, Microsoft today released two urgent security patches outside of its regular monthly update cycle. The patches are described in an updated version of the Security Bulletin Summary for July, which also has download links for the installation packages. (These fixes are also available via Windows Update.)
One of the patches (MS09-035) corrects a flaw in the Active Template Library for Visual Studio, one of Microsoft’s development tools; the associated Security Bulletin gives details. The second patch (MS09-034) is much more important for most users; it fixes a vulnerability rated Critical for all supported versions of Internet Explorer on all desktop versions of Windows. Because of the integration of Internet Explorer with other Windows components, and the fact that the update replaces a number of dynamic link library (.DLL) files that may be used by other applications, I recommend installing this update as soon as possible.
Adrien de Beaupré, at the SANS Internet Storm Center, has posted a note with some further details.