Extra patch for Internet Explorer
Microsoft has announced that a patch for the critical security hole in Internet Explorer will be released tomorrow, Wednesday, 17th December. While the announcement doesn't mention a specific time it is likely that the patch will be released towards the evening, as Redmond is 8 hours behind GMT.
This is not the first patch to be released outside of the monthly Patch Tuesday series. In October, Microsoft had to provide a short-notice patch for a critical hole in the RPC service that was actively being exploited by worms.
The current security hole in Internet Explorer is also a critical problem that is actively being exploited. The hole was publicly disclosed exactly a week ago on December Patch Tuesday. Before then, focused attacks using the exploit mainly targeted the Chinese region. In the meantime, an increasing number of web servers appear to have been compromised through SQL injection to infect their visitors' computers with the exploit. This apparently prompted Microsoft into responding immediately.
The announcement doesn't mention whether the other two acute security problems will also be patched before the end of the year. According to Microsoft, a hole in Wordpad is already being exploited, and Microsoft's SQL server also appears to have an unpatched problem.