Microsoft announced today they will be shipping an out-of-band bulletin tomorrow for Internet Explorer.
It is important to note that this bulletin was planned on being released during the regularly scheduled April patch Tuesday. This bulletin will fix the highly publicized zero-day vulnerability for Internet Explorer (Microsoft Security Advisory 981374). In addition, this bulletin will fix 9 other vulnerabilities.
Microsoft Security Advisory 981374 was published by Microsoft during March’s patch Tuesday. This vulnerability affects Internet Explorer versions 6 and 7. Internet Explorer version 8 is not affected by this vulnerability. But, the patch is a cumulative update that fixes multiple vulnerabilities. Some of the vulnerabilities fixed in this bulletin do affect Internet Explorer 8. Administrators should be sure to patch all versions of Internet Explorer as soon as the bulletin is released.
It is not uncommon lately for Microsoft to release out-of-band. Microsoft monitors the situation through customer reports and exploit activity. If they notice, as in this case, the threat is growing, they will release out-of-band to address the vulnerability.