Just noticed over on PivX Solutions that Thor Larholm has made a (delayed) update regarding the latest Cumulative IE patch posted a while back;

Microsoft released the MS02-066 cumulative patch on November 20th, fixing 15 unpatched vulnerabilities. The updating of this listing was delayed due to a foreign visit to London, followed by a series of technical problems.

Out of the 17 remaining vulnerabilities 6 are still of a severe impact, where as some of the rest can be combined for additonal severity. It is still possible to execute arbitrary commands, read local files & do anything the user can otherwise do to his machine.

Would you like to know more?