Microsoft late Wednesday confirmed that all versions of Internet Explorer (IE) contain a critical vulnerability that attackers can exploit by persuading users to visit a rigged Web site.

Although the company said it would patch the problem, it is not planning to rush out an emergency update.

"The issue does not currently meet the criteria for an out-of-band release," said Carlene Chmaj, a spokeswoman for the Microsoft Security Response Center (MSRC), in an entry on the center's blog. "However, we are monitoring the threat landscape very closely and if the situation changes, we will post updates."

More: http://www.computerworld.com/s/article/9202218/