Microsoft is intending to release an out-of-band security bulletin on March 30, 2010. The bulletin is being released to address attacks against customers of Internet Explorer 6 and Internet Explorer 7. Users of Internet Explorer 8 and Windows 7 are not vulnerable to these attacks. The vulnerability used in these attacks, along with workarounds, is described in Microsoft Security Advisory 981374. The out-of-band security bulletin is a cumulative security update for Internet Explorer and will also contain fixes for privately reported vulnerabilities rated Critical on all versions of Internet Explorer that are not related to this attack.

 

This bulletin advance notification will be replaced with the revised March bulletin summary on March 30, 2010. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.

 

To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications.

 

Microsoft will host a webcast to address customer questions on the out-of-band security bulletin on March 30, 2010, at 1:00 PM Pacific Time (US & Canada). Register now for the March 30, 1:00 PM webcast. After this date, this webcast is available on-demand. For more information, see Microsoft Security Bulletin Summaries and Webcasts.

 

More to come,

Mitch

 

Subscribe to the TechNet Flash newsletter