Over the past several days, there have been a number of reports discussing a new Internet Explorer (IE) exploit that is being used to compromise Windows systems. So far, the only version of IE that Microsoft has confirmed to be vulnerable is IE 7, however Microsoft has stated that IE 5, IE 6, and IE 8 (beta) may also be vulnerable. At this time, the only preventative option available is to use a browser like Firefox, Opera, or Safari instead of Internet Explorer. This is particularly true if you are going to untrusted sites.
Microsoft has announced it will release an out-of-cycle patch for this bug tomorrow, December 17. System and Network Security strongly encourages everyone who uses IE to be sure to apply this patch as soon as it becomes available.