Details at the moment are spotty but, based on the KB description, it sounds like a drive-by remote code execution hole that can lurk inside ads on websites.
As explained in the KB article, the vulnerability has not been publicly disclosed, but it is being actively exploited. It’s identified as CVE 2015-2502.
The SANS Internet Storm Center has a post up for the patch. Expect any new information to appear there as soon as it’s available.
Reddit also has a thread going -- Microsoft Security Bulletin MS15-093 - RCE in IE7-11 with active exploits in the wild.
Woody Leonhard