Microsoft Security Bulletin MS06-055: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486)
In a rare move, Microsoft has released a patch for the VML vulnerability before the next scheduled "Patch Tuesday", October 10th. Many security groups were pressuring Microsoft to release the patch early. It is believed that over 3,000 malicious websites exploit the VML vulnerability. By the numbers, VML is far worse than the WMF vulnerability which appeared earlier this year.