There is a new 'exploit' for a previously known bug in Internet Explorer.
This allows any program to be run via IE by a 'malicious website'.
Refer
http://secunia.com/advisories/15546 (classed as extremely critical)
Unless you are sure your antivirus software han handle this it is recommended you disable JavaScript in Internet Explorer, until MS release a patch.
To do this: IE Tools >Internet Options - Security - Internet - Custom Level - Scripting - Active scripting - set to Disable
Alternatively use FireFox 1.07
