encyclo - 12:57 pm on Jul 31, 2010 (gmt 0)
Microsoft to Issue Emergency Patch for Critical Windows Flaw [threatpost.com]
Microsoft will issue an out-of-band patch on Monday for a critical vulnerability in all of the current versions of Windows. The company didn't identify which flaw it will be patching, but the description of the vulnerability is a close match to the LNK flaw that attackers have been exploiting for several weeks now, most notably with the Stuxnet malware.
Microsoft Security Bulletin Advance Notification for August 2010 [microsoft.com]
This is an advance notification of one out-of-band security bulletin that Microsoft is intending to release on August 2, 2010. The bulletin addresses a security vulnerability in all supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2, that is currently being exploited in malware attacks.
As the article mentions, this patch is for all supported versions of Windows - older unsupported versions are also affected by the vulnerability, but will not be patched. This includes anyone who has still not upgraded from Windows 2000 [webmasterworld.com] and who is now at risk from a serious vulnerability which is being actively exploited.