Microsoft has issued an advisory advising of a 0-Day Exploit in Internet Explorer 6, 7 and 8 which could allow a remote attacker to install a trojan virus on a user system without their knowledge.
Microsoft is working on a solution, but has not released one as of the time of writing this post. Due to the fact an already exploitable code is available on the web with no path in sight, it is highly recommended not to visited untrusted sites or to use a different browser than Internet Explorer until a patch is released.
More information can be found at:
http://www.microsoft.com/technet/security/advisory/979352.mspx
Possible workaround released by Microsoft (Enabling DEP):
http://support.microsoft.com/kb/979352
This is a very serious security threat. From the reports available, Anti-Virus softwares are not sufficient protection against this weakness.
UPDATE: Microsoft has released a patch for the the above vulnerability, however, a new exploit has been found with the same severity. Therefore, we highly recommend not to use Internet Explorer for the time being. The new advisory: http://www.microsoft.com/technet/security/advisory/980088.mspx