Microsoft Security Bulletin MS12-037 - Critical
Internet Explorer 8.x
This security update resolves one publicly disclosed and twelve privately reported vulnerabilities in Internet Explorer.
The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Critical - A vulnerability whose exploitation could allow the propagation of an Internet worm without user action.
The vendor has issued a fix Microsoft Download Center.