This morning, Microsoft issued an update to Internet Explorer, as well as a surprise update to its now past-support XP Operating System.
ZDNet has the scoop - and links to the security update - here, and Microsoft's official response is here.
Let us know if you need assistance with understanding this vulnerability as it relates to your organization, or that of running unsupported XP in your business environment. We'd be glad to help!