Microsoft has now posted its monthly advanced notification for patches being released for March 2014. Included in the five bulletins releasing on March 11, 2014, the company is providing a permanent fix for the highly publicized vulnerability discovered in IE9 and IE10.
First discovered by FireEye Labs, the exploit takes advantage of a flaw in Adobe's Flash scripting language to bypass security in IE9 and IE10. The flaw was first reported publicly on February 13, 2014 and up until now only a Patch It solution has been available. Well, that or, per Microsoft, upgrade to IE11 which is not affected.
Microsoft admits they have seen a limited number of attacks using the flaw, but that those were only directed toward IE10.
The remaining four patches for Tuesday cover issues found in Windows, IE, and Silverlight.