We now know it isn't part of January's Security Updates. This raises the possibility of an out-of-cycle patch. But then, we have yet to see more than limited exploitation. (We are currently investigating reports of targeted attacks.)
To repeat our earlier guidance:
For Windows 7, update to version 9 of Internet Explorer.
For consumers with XP, we recommend installing an additional browser such as Mozilla Firefox or Google Chrome.
For corporate folks, and other organizations, required to use XP with IE 8: Microsoft has a Fix it tool available.
