There's a nasty 0 day exploit that's currently loose in the wild.

http://www.computerworld.com/s/artic...ro_day_attacks