This particular vulnerability is known as a use-after-free error. It attempts to use a part of memory that has already been released by the OS. This results in the execution of code which would otherwise not be permitted. It even bypasses both Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR), the security mechanisms that tend to prevent this type of unauthorized access.
FireEye also reported that this exploit uses Adobe Flash to trigger the vulnerability. While a permanent fix is still underway, Microsoft advises users to run their IE browsers in Enhanced Protected Mode. FireEye recommends that users also disable Flash until then.
This poses a problem for the almost-gone Windows XP, since Microsoft might not release a patch for this outdated version. Users may have to live with a vulnerable browser or upgrade to a newer version of the Windows OS.