Microsoft confirmed the bug and said it is working on a fix, but has no timeline for the patch release yet. The new bug in Internet Explorer affects versions 6, 7 and 8, but is not present in IE 9 beta releases. Microsoft did not rule out an emergency out-of-band patch, however. The company has released an advisory on the IE vulnerability and says some of the exploit protections it has added to recent versions of IE and Windows can help protect against attacks on the bug.
Source: https://threatpost.com/new-bug-internet-explorer-used-targeted-attacks-110310/74636/