New zero day found in Microsoft Internet Explorer
Successful attacks using this vulnerability could allow an attacker to execute his own shellcode remotely with Internet Explorer privileges.
An attacker can make use of a zero-day vulnerability in Internet Explorer 9 through 11 to run arbitrary commands with full user rights. If the logged in user is an administrator, this could lead to a full system compromise.
There is currently no patch available for this vulnerability, and the vulnerability is actively being exploited in the wild. There are known mitigations, however.
CERT.be recommends to perform the mitigation techniques proposed by Microsoft(1), or to use a different browser until a patch is available.