Microsoft may soon be taking the unusual step of issuing an out-of-band security update to address multiple weaknesses that stem from a Windows security flaw that the software giant tried to fix earlier this month…. Last week, [Microsoft] issued software updates to plug nine security holes. Among those was a patch for a flaw in Windows and Internet Explorer that hackers were exploiting to break into PCs. … On July 9, noted security researcher Halvar Flake published a blog post suggesting that…the [patched] flaw was caused by a far more systemic problem in Windows. … Flake concluded [that] Microsoft may have fixed only a subset of the problem on Windows with its patch this month. …The decision over whether to do that or wait until next month's Patch Tuesday may hinge upon whether attackers begin exploiting these other vulnerable areas by using Microsoft's patch (and Flake's research) as a guide to locating the flaws.
[Date: 22 July 2009; Source: http://voices.washingtonpost.com/securityfix/2009/07/msft_scrambling_to_close_stubb.html