Microsoft today released an emergency patch to address the zero day vulnerability discovered last December, which could allow remote code execution if users of Internet Explorer 6, 7, or 8 visit websites or open emails containing malicious code. For more information, visit Microsoft’s Security TechCenter.
Oracle’s security alert, released yesterday, addresses two vulnerabilities in Java, including the zero day vulnerability discovered last week. This alert comes just before Oracle’s regularly scheduled round of security updates, which will be released tomorrow. For more information, visit Oracle’s security alert site.
In both cases, the vulnerabilities are being actively exploited. ITS recommends that you apply the updates as soon as possible.