Posted by: Ken Harthun
Critical update, Internet Explorer, Microsoft Windows, Security, Security bulletin, Zero-day exploit, Zero-day vulnerability
Microsoft issued today “Microsoft Security Bulletin Advance Notification for December 2008.” The actual security bulletin will be released on December 17, 2008:
Microsoft Security Bulletin Advance Notification for December 2008
Published: December 16, 2008
Microsoft Security Bulletin Advance Notification issued: December 16, 2008
Microsoft Security Bulletins to be issued: December 17, 2008
This is an advance notification of an out-of-band security bulletin that Microsoft is intending to release on December 17, 2008.
This bulletin advance notification will be replaced with the revised December bulletin summary on December 17, 2008. The revised bulletin summary will include the out-of-band security bulletin as well as the security bulletins already released on December 9, 2008.
I don’t have any statistics on how fast they’ve responded to zero-day flaws in the past, but this seems pretty quick to me.