This is the second time in recent months that security vendors have pushed out patches for zero-day flaws ahead of Microsoft's official release. In January, a Belgian programmer named Ilfak Guilfanov released a similar interim patch to fix a far more serious Windows Metafile (WMF) flaw.

While such patches can be useful for some companies, it is unlikely that many enterprises, especially larger ones, will deploy them, said Andrew Jacquith, an analyst at Yankee Group Research Inc. in Boston. 'They would really rather wait for an official patch' instead of implementing an untested patch from an unknown third party, he said.

Bill Cassada, enterprise network administrator at Healthways Inc., a Nashville-based disease management company, said that he would like to see Microsoft 'react quicker' to zero-day threats. But he added that Healthways is unlikely to roll out any interim patches to deal with the current threats, since several work-arounds are available.

Robert Olson, systems administrator with Uline Inc., a Waukegan, Ill.-based distributor of packing and shipping materials, said that Microsoft's monthly patch release cycle provides companies with a "clean way" to push updates to users. He also said he would like to see supplemental updates for exploits involving unpatched vulnerabilities, but stressed that his company has no intention of using a third-party patch for any flaw, no matter how critical.

"Our opinion is that you open yourself to greater threats" of the patch disrupting production applications, he said. "With a genuine Microsoft patch, we can go back to Microsoft to get resolution" of any problem; The same is not possible with a third-party patch.