The critical MS08-018 update patches security holes that could lead to code execution attacks on all versions of Microsoft s flagship browser. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The patch comes a full three weeks after the appearance of targeted drive-by download attacks that dropped a backdoor on a hijacked Windows computer.
Source: https://threatpost.com/microsoft-plugs-ie-drive-download-flaws-033010/73760/