Fire up your Windows Update, Microsoft Patches Serious IE Flaw
Microsoft finally released a patch for a dangerous vulnerability that lets attackers trick Internet users into visiting malicious sites. The flaw has been public knowledge for some time, but Microsoft (Security is Job None) failed to include a fix for it with January's scheduled patch releases.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/Bulletin/MS04-004.asp