This week, Microsoft released Security Advisory 2757760, regarding a vulnerability in Internet Explorer that could allow remote code execution:
This vulnerability is rated critical on Windows client and moderate on Windows Server, running IE 6, 7, 8 and 9. Today they released a cumulative security update that addresses the issue. Note that IE 10 running on Windows 8 or Server 2012 is not affected. These vulnerabilities also don't affect Windows Server 2008 - 2012 when installed using the Server Core option.
Check out Security Bulletin MS12-063 for more information: