All supported versions of Internet Explorer are vulnerable to a zero-day Exploit that is currently being exploited in targeted attacks against IE 8 and IE 9, dubbed "CVE-2013-3893 MSHTML Shim Workaround".
Microsoft confirmed that the flaw was unknown before the attacks and that it is already working on an official patch, meantime Microsoft released an emergency software fix for Internet