A Critical zero-day Internet Explorer vulnerability (CVE-2014-1770) was discovered by Peter ‘corelanc0d3r’ Van Eeckhoutte in October 2013 just goes public today by the Zero Day Initiative (ZDI) The vulnerability is a zero day remote code execution flaw that affects the Internet Explorer version 8 and allows a remote attacker to execute arbitrary code through a bug in CMarkup objects. The vulnerability has not been addressed by Microsoft and no patch is available yet for this critical zero day vulnerability.
Source: https://thehackernews.com/2014/05/internet-explorer-zero-day.html