Microsoft has announced that today (21-01-2010) at approximately 6pm (UK time), it will release an emergency out-of band patch to fix the Internet Explorer zero day security vulnerability that has been used by attackers in various high-profile targeted attacks, specifically the recent Trojan.Hydraq attacks waged against Google and a number of other companies. The vulnerability affects Internet Explorer 6, 7 and 8, which make up the bulk of the versions used today. However, the only in-the-wild exploit code for this vulnerability detected thus far is confirmed to affect just Internet Explorer 6.

Keep an eye on the Microsoft Security Site for more information.

Also check out the Mircrosoft Advisory on this matter (979352).

Here is the patch MS10-002