An attacker could take advantage of Compromised websites, websites that accept or host user-provided content or advertisements, emails, or Social networks, to trick user to visit a specially crafted content that could exploit the vulnerability. the attacker then could gain the same user rights as the current user and take complete control of the affected system.Researchers at FireEye who had reported this vulnerability to Microsoft said that this zero-day bypasses both ASLR and DEP protections. Microsoft is currently working on a fix for this vulnerability, however Windows XP users are advised to roll on to latest operating system or to avoid using Internet Explorer as they will not be provided with any security patches.

Critical Zero day Vulnerability in Internet Explorer 6   11 Could Allow Remote Code Execution   TechWorm - 27