Microsoft released an out-of-band emergency security update for a zero day in Internet Explorer. The patch is available to unsupported Windows XP machines as well. The vulnerability affects IE 6 through IE 11, and allows hackers to remotely execute code. The exploits in the wild are leading victims to the Pirpi remote access Trojan .Once the update and code is analyzed, it can easily be delivered into mass exploitation cybercrime networks, Kaspersky Lab researcher Kurt Baumgartner wrote.
Source: https://threatpost.com/windows-xp-systems-also-get-out-of-band-ie-zero-day-patch/105838/