Microsoft are issuing two out of band patches on 28 Jul 2009. One relates to Visual Studio and the other to Internet Explorer.
MS notification is here:
http://www.microsoft.com/technet/sec...9-jul-ans.mspx
EDIT: More comment here:
http://www.computerworld.com/s/artic...?taxonomyId=17
What's the betting this is one of the issues? :D
Quote:
At the Black Hat security conference on Wednesday, Ryan Smith, Mark Dowd and David Dewey are scheduled to show how to bypass the "kill-bit" mechanism that Microsoft frequently deploys to shut down buggy ActiveX controls.
