Microsoft s security response team is investigating reports of a potentially dangerous code execution vulnerability in its flagship Internet Explorer browser. The issue involves the use of VBScript and Windows Help files in Internet Explorer. An attacker could host a maliciously crafted web page and run arbitrary code if they could convince a user to visit the page and then get them to press the F1 key in response to a pop up dialog box. Microsoft has not yet provided pre-patch mitigation guidance or workarounds for affected customers.
Source: https://threatpost.com/microsoft-warns-new-ie-code-execution-flaw-030110/73602/