Microsoft's patch for IE 6/7/8 hole released
Microsoft's out-of-band security update for the critical security hole that affects Internet Explorer 6, 7 and 8 is now available. According to Microsoft, the issue is "under limited exploit in the wild"; however, there is a Metasploit module available which can theoretically exploit the hole.
Users who have automatic updates enabled do not need to act; they will get the update through that process. The company had previously released a "Fix it" patch, which had subsequently been worked around by security researchers. If users have installed the "Fix it", they do not need to uninstall it as it does not interfere with the operation of the update, but Microsoft suggests that it should be removed after the update. Microsoft also reminds users that, where possible, they should update to Internet Explorer 9 which is not vulnerable to this hole.