“This issue allows remote code execution if users visit a malicious website with an affected browser,” Microsoft said. “This would typically occur by an attacker convincing someone to click a link in an email or instant message.”
The bug affects Internet Explorer 6 – 11.
The Vulnerability enables the hackers to gain control of your system and lets them access and manipulate the data which is quite alarming considering the fact that almost 10% of all government systems still run Windows XP and perfectly vulnerable to this attack. Microsoft has addressed the issue in a security advisory post and says “it is working on a patch” to fix the issue.