As discussed in Microsoft Security Advisory (2887505), this is a remote code execution vulnerability, which means that attackers can run programs and execute commands on an exploited computer. Attackers typically exploit this vulnerability by hacking web sites and introducing exploit code on the web site. When visitors then visit this web site their browsers will execute the exploit code, which will then cause specific commands or actions to be executed as dictated by the attackers exploit code. This could include downloading programs, install or starting infections, or other behavior.
As there is no available patch for this exploit, Microsoft has released a Fix It titled CVE-2013-3893 MSHTML Shim Workaround, which prevents the exploitation of this vulnerability. All users of Internet Explorer should immediately install this Fix It until a patch is available or use a different browser for the interim.