Microsoft released Security Advisory 2934088 (http://technet.microsoft.com/security/advisory/2934088) which impacts Internet Explorer 9 and 10. Internet Explorer 6, 7, 8 and 11 are not affected.
Although Internet Explorer 9 is vulnerable, at this time, Microsoft is only aware of limited, targeted attacks against Internet Explorer 10. This issue allows remote code execution if users browse to a malicious website with an affected browser. This would typically occur by an attacker convincing someone to click a link in an email or instant message.
Links to Microsoft Fix it solution as well other references are available in my blog post at Microsoft Security Advisory 2934088 (http://securitygarden.blogspot.com/2014/02/microsoft-released-security-advisory.html).