Microsoft posted Security Advisory 2963983 for IE versions 6 to 11 on April 26, 2014. Workarounds are listed at the bottom of that SA (note the comments regarding Enhanced Protection Mode for IE11 users on 64-bit Win OS) but I don't believe a patch is currently available.
Further information is available in the recent BBC article Microsoft Warns of Internet Explorer Flaw. According to that article, the vulnerability crashes Internet Explorer on Windows XP and this is the first zero-day vulnerability that MS will not patch for XP.
EDIT:
Apologies to ALF60. I looked for a thread on this topic before posting but just realized that ALF60 already started a thread titled Microsoft Security Advisory 2963983 April 26, 2014 regarding this IE bug.
-----------
MS Windows 32-bit Vista Home Premium SP2 * Firefox 28.0 * IE 9.0 * NIS 2013 v. 20.4.0.40
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS