Following the announcement on Saturday by Microsoft of a new remote code execution vulnerability, it tranpsires that, unsurprisingly, there are already active attempts by hackers to exploit it. If you click on a malicious website, or a website with a malicious advert or link, you are at risk. All Internet Explorer versions (6 to 11) are at risk for so-called 'drive-by' attacks.
The attack can give hackers the same user rights as the current user. So if you are logged in to your PC as an administrator the risk is compounded. As I point out in my book, it's best to use an admin account only where necessary, and certainly not for general web browsing.
Given that Microsoft is yet to issue a patch, a security update or a Fix it tool for closing the hole, one option being suggested is to avoid Internet Explorer.