FireEye Labs has discovered an "exploit that leverages a new information leakage vulnerability and an IE out-of-bounds memory access vulnerability to achieve code execution." Based on their analysis, it affects IE 7, 8, 9 and 10.