A group of software engineers with ZERT has issued what it
characterizes as an interim patch for the VML exploit, possibly closing
the door to a new series of Trojans. In so doing, a new group
resurrects some old questions about whether third parties should be
trusted to patch Microsoft products.