Microsoft announced it's working on an out-of-cycle security update to fix the flaw in Internet Explorer that played a role in helping hackers to break into the systems of Google and other companies. Especially users of IE6 are at risk, but more recent versions of Microsoft's browser may be vulnerable as well.
Based on our comprehensive monitoring of the threat landscape we continue to see very limited, and in some cases, targeted attacks. To date, the only successful attacks that we are aware of have been against Internet Explorer 6. We continue to recommend customers update to Internet Explorer 8 to benefit from the improved security protection it offers. We also recommend customers consider deploying the workarounds and mitigations provided in Security Advisory 979352.
Given the significant level of attention this issue has generated, confusion about what customers can do to protect themselves and the escalating threat environment Microsoft will release a security update out-of-band for this vulnerability.