Microsoft has now issued a formal security warning and a "Fix it" patch for an exploit that affects both Internet Explorer 9 and 10 that was discovered last week



From Neowin:

Last week, Microsoft confirmed that a zero-day exploit had been discovered in Internet Explorer 10 that was being used in at least one cyber attack out in the wild. Today, the company issued a formal security warning about the exploit and confirmed that it also was found in IE9 as well.

  Microsoft issues Fix it patch for IE9 and IE10 zero-day exploit