Microsoft has announced one out-of-band security bulletin
that they plan to release today. The
bulletin will be for Internet Explorer to address limited attacks
against customers of Internet Explorer 6, as well as fixes for
vulnerabilities rated Critical that are not currently under active
According to Yardena Arar at Windows Secrets, "The sophisticated
"Aurora" exploit is delivered through common file attachments or
links — typically in e-mail or other messages that appear to come from trusted
The security issue is related to cyber attacks that prompted Google to threaten withdrawal from China.
information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.
To receive automatic notifications whenever Microsoft Security Bulletins are issued, subscribe to Microsoft Technical Security Notifications.
Microsoft plans to host a webcast to address customer questions on the out-of-band
bulletin on January 21, 2010, at 1:00 PM Pacific Time (US &
Canada). To Register for the live webcast: January 21, 1:00 PM Webcast. Afterwards, Microsoft plans to make the Webcast available on-demand. For more information, see Microsoft Security Bulletin Summaries and Webcast.