Microsoft will release later today an out-of-band patch for the critical Internet Explorer zero-day exploit that...
surfaced this past Christmas Eve. The attack uses a flaw in memory management present in versions 6 through 8 of the browser that enables drive-by remote-execution exploits.
Microsoft issued a "Fix-It" workaround during the first week of this year, but did not issue a full patch of the problem in last week's regularly scheduled Patch Tuesday update.
Microsoft will also offer a webcast today to provide further information about the patch and the scope of the underlying vulnerability.