This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer… The security update addresses these vulnerabilities by modifying the way that Internet Explorer handles objects in memory, validates input parameters, and filters HTML attributes.

EEye recommends immediate installation of the patch.

via eEye Digital Security .

Out of the 6 patches this month, three are client-side specific, and 3 are remote network vulnerabilities. Administrators should patch MS09-072, MS09-0071, and MS09-073 immediately. The remainder of the patches should be applied after environment testing, or to environments that have the specifically affected software deployed.

via Security bulletin from eEye Digital Security .