Microsoft just announced another new security advisory for Internet Explorer.  With this zero-day vulnerability, a user would need to visit a malicious website that takes advantage of this vulnerability.  The title of the advisory is stating the vulnerability could allow information disclosure.  Microsoft is reporting there are no active attacks for this vulnerability.

Microsoft has listed numerous workarounds to help mitigate the risk of attack on a system.  If you choose to apply any of these workarounds, each workaround should be tested thoroughly in your environment to ensure functionality of your applications.

Tomorrow is the February Advanced Notification for patch Tuesday.  We will have to see if this is addressed with this month’s patch Tuesday.  I highly doubt this will be addressed next patch Tuesday as the announcement and turnaround time for a patch has a very small window of opportunity.

- Jason Miller