The MS07-009 patch should be applied by most companies and home users.  However, if someone isn't patched, they should do so quickly in light of this recent development.

http://www.us-cert.gov/current/current_activity.html#ADODBActiveX

quote:

US-CERT is aware of publicly available exploit code for a vulnerability in the Microsoft ADODB.Connection ActiveX Control. The vulnerability in the ADODB.Connection ActiveX object causes memory corruption, and may allow a remote, unauthenticated attacker to cause Internet Explorer to crash or potentially execute arbitrary code.

More information about this vulnerability can be found in the following:

• Vulnerability Note VU#589272- ADODB.Connection ActiveX control memory corruption vulnerability
  
• Microsoft Security Bulletin MS07-009

US-CERT recommends the following actions to help mitigate the security risks:

• Apply the update as described in Microsoft Security Bulletin MS07-009
  
• Disable the ADODB.Connection ActiveX control in Internet Explorer, as specified in Vulnerability Note VU#589272
  
• Disable ActiveX
  
  • For more information on disabling ActiveX, please refer to the Securing Your Web Browser document and the Malicious Web Scripts FAQ.