Microsoft has now posted a final security update for the recently discovered and publicly disclosed IE vulnerabilities. According to the security bulletin Microsoft released along with the fix it also includes solutions for four privately reported issues in IE.
This security update resolves one publicly disclosed and four privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
If you are running any version of Internet Explorer between IE6 and IE9 you need this update. Only IE10 on Windows 8 and Windows Server 2012 are unaffected. Also server core installs on Windows Server 2008, 2008 R2 and 2012 are not impacted by this vulnerability.
It is recommended that you go to Windows Update and download this update immediately if you are impacted by it.
For more information please visit http://technet.microsoft.com/en-us/security/bulletin/ms12-063