SANS reports (via CSIS) that a new 0-day exploit against Microsoft DirectShow is loose on the net.

The attack affects Internet Explorer and the fix for this issue is to set the killbit in the registry as follows:

\[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility\{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF\}\] "Compatibility Flags"=dword:00000400

Also note that Microsoft published a security advisory regarding this issue