Kaspersky Labs reports that the Klez.H worm that began spreading last week attaches a file from an infected user's system as it propagates itself and therefore could leak confidential information. To prevent infection, users can install an update for Microsoft Internet Explorer (IE) that has been available for more than a year. Outlook 2002, Outlook 2000 with Microsoft Office 2000 Service Pack 2 (SP2), and Outlook 2000 or Outlook 98 with the Outlook Email Security Update are also protected because they block the .exe file attached to the worm message.

http://www.kaspersky.com/news.html?id=570164

http://www.microsoft.com/windows/ie/downloads/critical/q290108/default.asp