Internet Explorer 6, 7, and 8 are prone to a remotely exploitable vulnerability. A second vulnerability exists in Adobe Flash Player, Adobe Reader, and Acrobat. Both vulnerabilities are being Exploited in-the-Wild and are Un-Patched at time of writing.  Microsoft has provided a Workaround for the Internet Explorer issue based on a user-defined C.S.S. File. Customers may also wish to deploy D.E.P. and A.S.L.R. to Mitigate Attacks. Microsoft's E.M.E.T. Tool can be used to enable these protections.  Customers are advised to apply Updates as they become available and exercise Caution when visiting Un-Known or Un-Trusted Web Sites. Updates for Adobe Flash Player are scheduled for Release on Thursday, November 04, 2010.

Microsoft Security Advisory (2458511):

Vulnerability in Internet Explorer Could Allow Remote-Code Execution:
http://www.microsoft.com/technet/security/advisory/2458511.mspx.

D.E.P., E.M.E.T. Protect Against Attacks on the Latest Internet Explorer Vulnerability:
http://blogs.technet.com/b/srd/archive/2010/11/03/dep-emet-protect-against-attacks-on-the-latest-internet-explorer-vulnerability.aspx.

Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat:
http://www.adobe.com/support/security/advisories/apsa10-05.html.