This week, Microsoft released Security Advisory 2757760, regarding a vulnerability in Internet Explorer that could allow remote code execution:
http://technet.microsoft.com/en-us/security/advisory/2757760#section1
This vulnerability is rated critical on Windows client and moderate on Windows Server, running IE 6, 7, 8 and 9. Today they released a cumulative security update that addresses the issue. Note that IE 10 running on Windows 8 or Server 2012 is not affected. These vulnerabilities also don’t affect Windows Server 2008 – 2012 when installed using the Server Core option.
Check out Security Bulletin MS12-063 for more information:
http://technet.microsoft.com/en-us/security/bulletin/ms12-063