Microsoft has released a security advisory about the vulnerability in all supported versions of Internet Explorer. The advisory says that the mentioned vulnerability exists due to the creation of uninitialized memory during a CSS function within Internet Explorer.
If an attacker exploited this vulnerability, the attacker could gain the same user rights as of the logged-on user. If user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. For detailed information of this vulnerability, please visit Microsoft Security Advisory (2488013) page.
Microsoft is investigating this vulnerability and has assured appropriate action to protect customers, which may include providing a solution through their monthly security update release process, or an out-of-cycle security update, depending on the needs of the customer.
I recommend users to be careful while browsing the Internet, do not open any suspicious mail from unknown sender or do not click suspicious URLs from emails. I also recommend users to set Windows Update in Install updates automatically mode, so that the patch for this vulnerability is applied automatically, when released by Microsoft.