Microsoft has released a security advisory MSA-2794220 for the Internet Explorer 0day used against Council on Foreign Relations (CFR.org) drive-by attack. The vulnerability is only affecting Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8. Microsoft is not providing any date for a patch release, but will the appropriate actions. The next Patch Tuesday cycle is planned for the 8 January, but depending on how fast the exploit kits will include this new vulnerability, it will be maybe possible that Microsoft will release an out-of-band patch.”]