We're still investigating, but we have confirmed this vulnerability and I am writing a Microsoft ( Profile , Products , Articles ) Security Advisory on this. We will address it in a security update.
We have confirmed this vulnerability. I am writing a Microsoft Security Advisory on thisbut we wanted to make sure customers knew we were aware of this and we will address it in a security update.
In order to keep the code churn in security updates to a minimum, we try to avoid, as a general rule, including other code fixes for performance issues such as this.