The Security Mentor

This is only for the Windows version of Internet Explorer. The Macintosh version of Internet Explorer is a completely different program.

There's a bug in an optional component (optional, but just about everyone has it) which reportedly lets a bad guy take over your computer if you visit the wrong web page.

Worse, someone's already released a program that supposedly takes advantage of the security hole and installs some remote control software on a PC. Microsoft says this was not "responsible disclosure". Microsoft is right.

This kind of problem, you'll remember, is something your firewall doesn't help with. Your firewall probably reasons that if you asked for the web page you must have wanted it.

There's no patch yet, and I haven't heard of a pre-patch workaround yet.
UPDATE 8/19: Corey Nachreiner at Watchguard tested the exploit code on a spare machine. Corey Nachreiner's test showed that XP Service Pack 2 does defend itself against this attack. You'd have to ignore a lot of warnings to let your machine get taken over.