Microsoft has finally released a patch which fixes a bug that led to the massive attack of the Download.Ject virus.
This update resolves several newly discovered public vulnerabilities. Each vulnerability is documented in this bulletin in its own Vulnerability Details section.
If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
Microsoft recommends that customers apply the update immediately.