By: Jeff Martin

Jeff Martin — Thu, 18 Dec 2008 18:29:31 +0000

I wonder why Microsoft has started doing these off-cycle patches. Agree that this one doesn’t seem worth the disruption. I remember they were pretty firm about sticking to the once-a-month cycle, stating that widespread exploitation only took place after the bulletin was released. I guess it could be a coincidence that two patches they thought were specially urgent came out so close together.

By: Russ Cooper

Russ Cooper — Wed, 17 Dec 2008 18:56:16 +0000

With the bulletin now published we know that this patch does not replace MS08-073, the Internet Explorer cumulative update from December 9, 2008. This doesn't alter our opinions. You should, however, make sure you apply these patches in order just to be safe until Microsoft releases the next IE cumulative update.

Comments on: December 2008 IE Vulnerability

By: Jeff Martin

By: Russ Cooper