On Monday, January 14, 2013, Microsoft is planning to release an out-of-band critical security update for the issue described in Security Advisory 2794220.
The update is to address an issue that affects Internet Explorer versions 6, 7 and 8. Internet Explorer versions 9 and 10 are not affected.
Although Microsoft has seen only a limited number of customers affected by the issue, the potential exists that more could be affected. Thus, it is advised that the update be installed as soon as possible.
Even with the update, if your operating system is Windows Vista or Windows 7, update to Internet Explorer 9. For Windows XP, your system will be more secure if you update to Internet Explorer 8.
If you applied the Fix it released in Security Advisory 2794220, it will not need to be uninstalled before applying the security update.
- MSRC Blog: Advance Notification for Update to Address Security Advisory 2794220
- Tech Net Advisory: Microsoft Security Advisory (2794220) Vulnerability in Internet Explorer Could Allow Remote Code Execution