Microsoft apparently decided that the Internet Explorer "createTextRange" vulnerability, reported in March and classified as “Critical” by Microsoft, did not warrant breaking its monthly security update schedule. The fix was released on 11 April 2006, almost three weeks after the vulnerability was revealed. In the intervening period, in-the-wild malware was actively exploiting the flaw.
However, the patch rollout was not without problems: it resulted in Windows Explorer issues for some users, prompting Microsoft to re-issue a corrected version on the 25th.