is planning to release two out-of-band security patches on July 28, 2009.
Officials warned in an advanced security bulletin that the Internet Explorer vulnerability is critical for Windows XP (IE 6/7/8) and Windows Vista (IE 7/8). It's not yet clear whether Windows 7 is affected. The issue is marked as critical and as a Remote Code Execution.
Microsoft also plans to plug a moderate hole in Visual Studio. Microsoft Visual Studio .NET 2003, 2005 and 2008 are all affected and it's thought the Visual Studio patch will solve an issue that can affect certain types of applications.