Microsoft is planning to issue an out-of-cycle update to address a new rash of attacks targeting Internet Explorer 7.
The company issued an alert on 16 December to notify users that the update will be released on 17 December to fix a security flaw in the browser which has been actively targeted in the wild.
The vulnerability is believed to exist only in IE7. Other programs and earlier versions of the browser are not thought to be at risk.
Security firm Trend Micro said that the flaw exists in the handling of certain text files launched through WordPad. A specially-crafted document could cause the application to crash, leaving the attacker able to access the targeted system and execute code.
Such remote code flaws are often targeted by attackers who embed the exploit code in web pages or disguise them as downloads or attachments.
A Microsoft spokesperson told vnunet.com that the fix will be released at approximately 10am US Pacific time through the Automatic Update and Microsoft Update applications.
Delivery of the update comes just one week after the release of what Microsoft had hoped would be the final update of 2008. The December Patch Tuesday release addressed 27 flaws, including some in Internet Explorer.
Microsoft occasionally releases 'out-of-cycle' patches when a flaw is thought to be too serious or too heavily targeted to wait until the scheduled monthly update.
Much of today's AI is narrowly focused on specific tasks - a far cry from the general AI envisioned by the early pioneers
US space agency believes the crater could have preserved ancient organic molecules from the water that flowed there billions of years ago
Valve quietly closes down hardware initiatives launched following Windows 8
Scientists create a virtual reality simulation of a black hole sitting at the centre of the Milky Way
Simulations like this can help people understand complicated systems in the universe in a better way