Rather than wait until the next scheduled update on October 10, Microsoft released Security Bulletin MS06-055. This is a highly critical update. A security issue has been identified in the way Vector Markup Language (VML) is handled that could allow an attacker to compromise a computer running Microsoft Windows and gain control over it.
Note: If you have applied any of the third party fixes for the VML remote code vulnerability, I would suggest that you reverse those changes before installing this update.
New Security Bulletins for September 26 2006
Microsoft is releasing the following security bulletins for newly discovered vulnerabilities:
Microsoft Security Bulletin MS06-055 - Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486)
Summary: Who Should Read this Document: Customers who use Microsoft Windows
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Recommendation: Customers should apply the update immediately
The summary for this bulletin can be found at the following page: