Microsoft has released a patch for a bug in IE5 that allows unscrupulous Webmaster to secretly run a program on your computer. In IE5, the Favorites list can display icons supplied by Web sites. However, the icons can be designed to trigger a buffer overrun, and the security hole will then allow the overrun to trigger code that could do nasty things to your computer.

Get the fix at the MS site.