A bug has been discovered that can allow perpetrators to put a fake URL into the bar, so it looks like something completely different.
"Malicious hackers frequently lure victims to convincing replicas of e-commerce sites such as eBay, where they're tricked into handing over financial and other private information. The method is said to be a key tool in credit card and identity theft.
"Savvy Web surfers often figure out the ruse from irregularities in the Web address. But in the method described by Secunia, IE could allow the address bar for the spoofed eBay site, for example, to read "ebay.com.""
This is on top of MS saying they have no plans to release a monthly patch for the month of December. Merry Christms, hackers!
For normal folks, may I reccomended getting the hell away from the crap browser that is the cause of almost every major Windows exploit? Try Mozilla instead. Hell, try ANYthing else.