In issuing the patch, which is available through the usual channels, the company broke with its regular monthly patching cycle, which has become known as Patch Tuesday, something it has only done a handful of times in the past.

Testing has been completed earlier than anticipated and the update is ready for release, the company said. In addition, Microsoft is releasing the update early in response to strong customer sentiment that the release should be made available as soon as possible.

The patch was prematurely leaked to the web on Wednesday, and was dated December 28, indicating that Microsoft had compiled the fix in less than a day and had spent the intervening days testing it.

The company added that there will still be a Patch Tuesday as usual — this time it will feature a patch for Windows that is rated Critical, and one for Exchange and Office that will also be rated Critical.

The WMF vulnerability has been actively exploited by over a hundred web sites and spam runs over at least the last two weeks, although it has been present in the WMF format for well over a decade.

The problem with the WMF format, used for storing image data in the form of vectors and the like rather than as a bitmap, was that it allows the image creator to include a 64k chunk of code that will be executed in the event of an error.

By making that code a malicious payload and then deliberately corrupting the rest of the file, attackers found they were able to break into Windows PCs to install backdoors, spam relays and other nasties.

Microsoft’s monitoring of attack data continues to indicate that the attacks are limited and are being mitigated both by Microsoft’s efforts to shut down malicious web sites and with up-to-date signatures from anti-virus companies, the firm said yesterday.

While a Windows zero-day is not unheard of, the vulnerability stayed in the media spotlight for most of the week, thanks mainly to some breathless blogging by the volunteer handlers at the SANS Institute’s Internet Storm Center.

It also became the subject of attention due to the availability of a high-quality patch from an independent researcher, Ilfak Guilfanov, which patched the hole at the expense of causing some printing problems in certain circumstances.

The story also shows that Microsoft can deliver fixes with remarkable speed when it throws resources at the problem. It was said that about 200 people were involved in the creation of this particular patch.

With responsibly disclosed vulnerabilities, the company has a track record of being more relaxed. It’s not unusual for many months to elapse between the researcher notifying Microsoft and a patch being issued.

eEye Digital Security Inc, which finds many of the vulnerabilities Microsoft fixes every month, says that Microsoft is currently aware of five vulnerabilities that it has not yet fixed. eEye has been waiting eight months for one of the fixes, which it classes as overdue.