Microsoft is investigating new public reports of a vulnerability in the Windows kernel. We are not aware of attacks that try to use the reported vulnerability or of customer impact at this time.
Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-band security update, depending on customer needs.
Read more about this vulnerability here.
Want to stay on top of the latest news on servers and security? Sign up now for the weekly newsletter here.
*** UPDATE January 22 2010 ****
Download information for the patch.
This is an advance notification of one out-of-band security bulletin that Microsoft is intending to release on January 21, 2010. The bulletin will be for Internet Explorer to address limited attacks against customers of Internet Explorer 6, as well as fixes for vulnerabilities rated ‘Critical’ that are not currently under active attack.
See the Microsoft Security Bulletin at: http://www.microsoft.com/technet/security/bulletin/ms10-jan.mspx.