The BBC reports that Microsoft has announced the existence of a vulnerability in all versions of IE. From the article:
The bug revolves around the way that IE manages a computer’s memory when processing Cascading Style Sheets – a widely used technology that defines the look and feel of pages on a website.
Hi-tech criminals have long known that they can exploit IE’s memory management to inject their own malicious code into the stream of instructions a computer processes as a browser is being used. In this way the criminals can get their own code running and hijack a PC.
Microsoft has produced updates that improves memory management but security researchers discovered that these protection systems are not used when some older parts of Windows are called upon.
The story goes on to say that Microsoft, while it is working on a fix, recommends using the Enhanced Mitigation Experience Toolkit.