IE security vulnerability alert - no patch currently available
This vulnerability has been known for about 6 months. However, it was just recently realized that the vulnerability can allow malicious web sites to execute code on the victim's system.
Microsoft Internet Explorer "window()" Arbitrary Code Execution Vulnerability
Disable Active Scripting except for trusted sites.