Microsoft sent out a bulletin yesterday announcing the existence of a new vulnerability in IE that could let to remote code execution. The hole was discovered during the investigation of the alleged Chinese attacks on Google and many other tech companies that has been all over the news the past few days.
Microsoft says that "Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are affected."
The attack that compromised Google et al's systems is said to have been extremely sophisticated to the point that an attack of such quality had never been made on a corporate level.
Read Microsoft's security advisory here.