Microsoft released an emergency patch, MS06-055 for the Vector Markup Language hole in IE today. Microsoft has broken from its monthly patch cycle to issue MS06-055, a fix for the Vector Markup Language (VML) hole in the Internet Explorer Browser that was identified just one week ago and has been causing problems ever since. From a company email statement: “Microsoft released security update MS06-055, outside of the regular monthly update release schedule, to help protect customers from exploitation of a publicly known vulnerability in the Windows operating system, in response to malicious and criminal attacks on computer users that were recently discovered. MS06-055 addresses a vulnerability in Vector Markup Language rendering, a component of Windows, and has a maximum severity rating of Critical. The update addresses a vulnerability that could allow an attacker to take complete control of a system remotely. Microsoft originally planned to release the update on Tuesday, October 10, 2006 as part of its regular monthly release of security bulletins. However, Microsoft is aware of the existence of a public attack utilizing the vulnerability. Since testing has been completed earlier than anticipated, Microsoft has released the update ahead of schedule to help protect customers. Microsoft’s monitoring of attack data continues to indicate that the attacks and customer impact is limited, however Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary. Microsoft continues to encourage all customers to download MS06-055 immediately to protect themselves from current exploitation.“ Security