Microsoft is to patch up a critical vulnerability in Internet Explorer today, in a out-of-cycle update.
The vulnerability may have exploited by Chinese hackers trying get into Google. The event has certainly been exolited by Google to get at Microsoft. And China.
Microsoft says the best way to avoid wandering around the web with your security trousers round your ankles is to update to IE8. XP users should ensure they are running Data Execution Protection Microsoft said.
"We are only seeing very limited number of targeted attacks against a small subset of corporations," George Stathakopoulos General Manager Trustworthy Computing Security blogged. "The attacks that we have seen to date, including public proof-of-concept exploit code, are only effective against Internet Explorer 6."
There's no patch for this one yet.