You know a bug is severe when Microsoft can't wait for Patch Tuesday and rushes out an out-of-band emergency fix. Microsoft has issued MS15-093, this update fixes a critical security vulnerability in all supported versions of IE, from version 7 to 11.
The new Edge browser is not affected.
This security update resolves a vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.