Microsoft has confirmed it is working on a fix for the latest critical Internet Explorer (IE) flaw, but would not confirm an emergency repair before April's Patch Tuesday.
Jerry Bryant, senior security communications manager at Microsoft, said in a blog post his team was testing an update but would not verify when users could get their hands on it, as thorough testing on all affected versions needed to take place first.
"We have seen speculation that Microsoft might release an update for this issue out-of-band," he wrote. "I can tell you that we are working hard to produce an update which is now in testing."
"We never rule out the possibility of an out-of-band update. When the update is ready for broad distribution, we will make that decision based on customer needs."
The latest flaw in the troubled browser linked to an invalid pointer reference came to light last Wednesday when Microsoft admitted the vulnerability was already being taken advantage of by hackers.
As with many recent flaws, this one only affects IE6 and IE7, so as ever Microsoft is advising users to upgrade to the latest version of the browser, IE8.
