Microsoft bypassed its monthly Patch Tuesday schedule this week to release a fix for a flaw in the Vector Markup Language (VML) that the SANS Internet Storm Center and other virus watchdogs flagged as unusually dangerous.
A Microsoft spokesperson said the company moved up the Oct. 10 release date to head off an exploit that takes advantage of how recent versions of Internet Explorer and Outlook handle malformed VML tags. One particular malformation can cause a buffer overflow and allow arbitrary code to run on the machine affected.
Details of the flaw and the patch procedure are available.
To read the original version of this story, visit SearchSecurity.com.