Another IE flaw found read more about it here http://www.vnunet.com/News/1129492

The Computer Emergency Response Team (Cert) today released an advisory warning of yet another vulnerability affecting Microsoft Internet Explorer and Outlook.
A buffer overflow vulnerability in the way Explorer handles embedded objects in HTML documents could allow an attacker to execute arbitrary code on a victim's system.

Will they ever get it right?