Microsoft has released a security advisory which states that a emergency patch for a critical security hole in Internet Explorer 6 and Internet Explorer 7 will be released on Tuesday, 30th March.
The vulnerability that exists in IE6 and IE7 is being active exploited by hackers and users computers are being infected. However, the vulnerability does not affected users of Internet Explorer 8 and Windows 7.
The out-of-band security bulletin is a cumulative security update for Internet Explorer and will also contain fixes for privately reported vulnerabilities rated Critical on all versions of Internet Explorer that are not related to this attack.
Earlier this month, Microsoft had also released a workaround to fix this vulnerability, however, this is a proper patch. If you are using IE6 or IE7, it is highly advisable to download and install the patch.
You will find more information on the patch at the Official Microsoft Security Bulletin page.