”This design flaw in IE allows an attacker to retrieve private user data or execute operations on the user's behalf on remote domains," Gillon wrote in his description of the attack method. He crafted a Web page that--when viewed in IE on a computer with Google Desktop installed--uses the search tool and returns results for the query "password."
This flaw doesn't allow the system to be taken over, but is a problem nevertheless. If you stick to reputable sites you are not at any particular risk, as someone must design a site specifically for it. Microsoft is aware of the problem, so hopefully an update will surface soon.