(Yet) Another IE5 Security Hole
This one's about as big as it gets. Georgi Guninski has found a way to exploit ActiveX controls in IE5 that allows him to create a file on your hard disk without your knowledge. This works even on NT. The only way of stopping it is to do what all you IE people should be doing anyway - set your security level to high and disable all scripting of ActiveX controls. He has a page to demonstrate the hole, but I'm only linking to the intro page since the demo is a real live exploit