Microsoft issued a Security Advisory warning of vulnerability in its Internet Explorer 9 browser (and earlier versions) if a user views a website hosting malicious code.
Microsoft said the vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code. Anti-virus firms said the bug was actively being exploited to inject the Poison Ivy Trojan. Microsoft has not yet issued a patch, so F-Secure and others are advising not use IE 9 until the vulnerability is addressed.
http://technet.microsoft.com/en-us/security/advisory/2757760
