Microsoft are supposed to be releasing an out of band patch on Tuesday.

The vulnerability involves a flaw in the iepeers.dll library involving the handling of invalid values passed to the "setAttribute()" function. Exploits create a means to drop malware onto the PCs of victims, providing they visit booby-trapped website using vulnerable version of IE, as explained in our earlier story here.
Article:

http://www.theregister.co.uk/2010/03...emergency_fix/