Microsoft released
Security Advisory 2934088 which impacts Internet Explorer 9 and 10. Internet Explorer 6, 7, 8 and 11 are
not affected.
Although Internet Explorer 9 is vulnerable, at this time, Microsoft is only aware of limited, targeted attacks against Internet Explorer 10. This issue allows remote code execution if users browse to a malicious website with an affected browser. This would typically occur by an attacker convincing someone to click a link in an email or instant message.
Links to Microsoft Fix it solution as well other references are available in my blog post at
Microsoft Security Advisory 2934088.