This vulnerability was used to attack visitors to the site of the Council on Foreign Relations, United States.
Microsoft has published an advance notice of the fact that today, 14 January, at 10:00 PST, will be available security update, which will eliminate the zero-day vulnerability in the browser Internet Explorer.
Recall that on December 21 unknown hackers have carried out a successful attack on the website of the Council on Foreign Relations, United States (http://www.cfr.org) and posted on the pages of an exploit for a previously unknown vulnerability in Microsoft Internet Explorer. Subsequently FireEye published in his blog analysis of malware, which has been used by hackers.
Microsoft employees recommend install the security update as soon as possible. “Update for Internet Explorer 6-8 will be available through Windows Update and other standard distribution channels. If you set up automatic updates, no action is required, “– said in a notification producer.
A detailed description of the vulnerability can be found here:
https://malwarelist.net/2012/12/30/zero-day-vulnerability-in-ie/