Over the weekend I got an SNS global alert through from McAfee about the IE Vulnerability currently being exploited on a global level.

From McAfee site:

Could my organization be at risk of being infected?

The computer code that exploits the Microsoft Internet Explorer vulnerability has unfortunately been released publicly and is available on the Web. The public release significantly increases the possibility of widespread attacks using the vulnerability, putting Microsoft Internet Explorer users at potentially serious risk.

Microsoft is aware of the targeted attacks and lists the following combinations to be vulnerable: Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

For more information see: http://www.mcafee.com/us/threat_center/aurora_enterprise.html

Update (21/1) – Microsoft will today be releasing a patch for this vulnerability.