Microsoft readies patch for critical IE vulnerability
Microsoft has announced that it will provide an out-of-band update later today for the critical hole that is present in Internet Explorer 6 to 8. The company says it will begin distributing the update, which addresses CVE-2012-4792, at 6PM GMT today. The update will replace a temporary Fix It patch that has been reported as having already been circumvented by a new technique.
The hole has been exploited by cybercriminals to infect computers with malware since the end of December. The patch was not available during Microsoft's regular Patch Day last week. Microsoft recommends that all users should install this update as soon as possible. Users who have installed the temporary Fix It patch will not need to uninstall it before applying the update.