Technet: Microsoft Releases Security Advisory 2934088
Today, we released Security Advisory 2934088 regarding an issue that impacts Internet Explorer 9 and 10. Internet Explorer 6, 7, 8 and 11 are not affected. At this time, we are only aware of limited, targeted attacks against Internet Explorer 10. This issue allows remote code execution if users browse to a malicious website with an affected browser. This would typically occur by an attacker convincing someone to click a link in an email or instant message.
As part of the security advisory, we have also included an easy, one-click Fix it to address the known attack vectors. The Fix it is available to all customers and helps prevent known attacks that leverage the vulnerability to execute code and should not affect your ability to browse the web. Additionally, applying the Fix it does not require a reboot. We encourage all customers using Internet Explorer 9 and 10 to apply this Fix it to help protect their systems. The Security Research and Defense blog provides greater technical insight into the issue and how the Fix it helps protect customers.