Microsoft has taken the unusual step of announcing a patch for an Internet Explorer vulnerability just a week after its traditional patch Tuesday announcements. The Redmond software giant was concerned that the vulnerability could potentially expose millions of customers and so rushed out a patch.
According to reports, the vulnerability could allow attackers to gain control of a Windows PC running versions 6 to 8 of Internet Explorer by directing users to malicious Web sites. Microsoft had apparently released a number of workarounds to the flaw as temporary solutions, but in the January 14th announcement a permanent fix will will be announced, saying there was no need to wait any longer.
Microsoft will host a webcast to address customer questions on the out-of-band security bulletin on January 14, 2013, at 1:00 PM Pacific Time (US & Canada). The webcast will also be archived.
As a general rule, ESET recommends installing patches as soon as they are available (subject to suitable internal testing if you are in a networked environment using proprietary applications)
Author Rob Waugh, We Live Security