The March cumulative security update for Internet Explorer 6, 7, 8, 9, and 10 is available on Windows Update. It fixes one publicly known vulnerability and eight fixes for potentially dangerous areas that were reported in time before they were publicly disclosed. The most serious vulnerabilities relate to remote code execution if a user visits an attacker’s website. The user can then gain the same rights as the user.
Users with UAC (User Account Control) enabled are better protected against attacks. The update is on Windows Update, so if you have automatic updates enabled, you don't need to take any special action. Otherwise, I recommend deploying this update as soon as possible, because the most vulnerable systems are in the time between the disclosure of the vulnerability and the installation of the security update.
The update is rated critical for Windows Client and Recommended for Windows Server. Internet Explorer 10 on Windows 7 is not affected because it has included this update from the beginning.
Although the main purpose of the update is to improve security, it also includes minor fixes to HTML rendering. Some characters in the option tag did not appear when the MS Gothic font was used, and the text in the span tag was misaligned in the standards rendering mode if it changed dynamically.
An update to Adobe Flash Player in Internet Explorer 10 for Windows 8 has also been released, which is also rated as critical.
For more information, see Security Bulletin MS13-021 and the KB2809289 and KB2824670 Support articles.
I wrote the article for TechNet Blog CZ/SK.