This is a Remote code execution vulnerability of internet explorer. Attackers can install Trojan virus without their knowledge. Many attack incidents are reported in Chinese sites.
Microsoft have now released a security advisory 979352 for IT professional listing ways to mitigate the security issue to work around the security issue before they release a patch, http://www.microsoft.com/technet/security/advisory/979352.mspx
Microsoft created an application compatibility database that will enable Data Execution Prevention (DEP) for all versions of Internet Explorer. You do not need this database if you are using Internet Explorer 8 on Windows XP Service Pack 3 (SP3) or on Windows Vista SP1 or later versions. This is because Internet Explorer 8 opts-in to DEP by default on these platforms.
Download Fix This Microsoft link.
It is a very critical vulnerability, Try to keep away from unknown URLs ..