OnlyNewZ has posted an unofficial patch for Internet Explorer
Temporary solution for the recent discoverd vulnerability (by The United States-Computer Emergency Readiness Team) in all Internet Explorers 5.01 and higher.Read more
If an ITS protocol handler is unable to access the specified MHTML file, the handler will attempt to access the content specified by the alternate location. The ITS protocol handlers incorrectly treat HTML content from one domain (htmlfile.html in example.com) as if it were in a different domain (file://, the Local Machine Zone). This is a violation of the cross-domain security model. Limited testing shows that the ms-its, its, and mk:@MSITStore protocol handlers are vulnerable.