The jpeg exploit is [link|http://www.infoworld.com/article/04/09/23/HNnewjpegexploit_1.html|in the wild now].

Couple of comments. First, this is not just Internet Explorer. Most any MS jpeg viewer is susceptible (image viewer and paint to mention a couple). MS has a tool that you can download to check for vulnerable programs. If the tool finds a vulnerability, what does it do? It takes you back to the page that you downloaded the tool from. Utter stupidity - why can't they list the programs that are vulnerable on your machine? As it is, the tool is absolutely useless.

Second, unlike Mozilla, it's near impossible to tell where the OS ends and where the viewers begin. Means that to patch the update, you have to expose the OS to a patch which may or may not cause unknown breakage.