Microsoft has issued emergency patch to address 10 possible holes in Internet explorer that also includes a critical vulnerability that has been exploited in attacks.
This cumulative security update patch covers a publicly disclosed critical vulnerability (released in Security Advisory 981374) in Internet Explorer 6 and Internet Explorer 7 (Note that IE 8 is unaffected by this vulnerability addressed).However, the security bulletin MS10-108 which was released yesterday addresses 9 more additional vulnerabilities some of which also effect Internet Explorer 8 and are not disclosed publicly.
Microsoft Security Bulletin MS10-018 – Critical : Cumulative Security Update for Internet Explorer (980182) [aka Out of Band Internet Explorer Security Update]
Target platforms: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista, Windows Server 2003, Windows XP, Windows 2000, Windows Internet Explorer 7 Dynamic Installer, and Windows Internet Explorer 8 Dynamic Installer.
KB980182:
Security issues have been identified that could allow an attacker to compromise a system that is running Microsoft Internet Explorer and gain control over it.You can help protect your system by installing this update from Microsoft.
All Windows users (including Windows 7) download and install the latest Windows update KB980182 to make your software more secure.
For more information, read the MS10-018 bulletin.