"Internet Explorer Turns Your Personal Computer into a Public File Server"
I haven't read through the documents properly yet but it looks like there's another 'feature' in IE which allows the 'innovative' security zones to be bypassed and allows a remote hacker to access the user's files. I think this is the same vulnerability which was mentioned by Hexus a week or two ago but it's recently been demonstrated at the black hat conference and more details on the vulnerability have been released.

Official papers can explain it better that I could:
http://www.coresecurity.com/content/Black-Hat-DC-2010
http://www.blackhat.com/html/bh-dc-1...#AlvarezMedina
http://www.coresecurity.com/content/...zone-elevation