Severity Rating: Important
Revision Note: V2.1 (August 14, 2012): Clarified that users with Internet Explorer 9 installed on their systems do not need to install this update. See the section, Frequently Asked Questions (FAQ) Related to This Security Update, for more information.
Summary: This security update resolves a privately reported vulnerability in the JScript and VBScript scripting engines. The vulnerability could allow information disclosure if a user visited a specially crafted Web site. An attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site.

More...