The vulnerability is what is describes as a use-after-free error in the mshtml.dll library IE s HTML rendering engine that could allow attackers to take complete control of a vulnerable system. The flaw could be exploited when IE loads specially formated Cascading Style Sheets (CSS) files that included @import rules, which allow Web sites to incorporate style sheets from external sites. The company cautioned that the newly discovered vulnerability is not serious enough to warrant an out of cycle patch.
Source: https://threatpost.com/microsoft-warns-new-browser-vulnerability-122310/74802/

