The Microsoft Security Response Center tweeted last week about a possible zero day exploit with Internet Explorer 8. The reported vulnerability about an Internet CSS bug was publicly disclosed, but there have been no reports of attacks yet.
As Microsoft is investigating this issue, we fully expect a security advisory to be released with this issue soon. Until Microsoft fully researches the issue, there are no actions that need to be taken with this issue.
It is very important to wait for vendor confirmation with zero day exploits. Security researchers that publicly disclose vulnerabilities may not have all the information. We have seen this recently with publicly disclosed information that was not entirely correct. Vendor confirmation will provide administrators with precise information and actions they can take to help mitigate the risk.