The latest IE cumulative update shipped today; download it from WindowsUpdate when you get a chance.

Over on the Security Research and Defense blog, there's an in-depth discussion of the security bug discovered in IE8 at the Pwn2Own contest at CanSecWest earlier this year.  While exploitation of this vulnerability was mitigated by DEP/NX and ASLR on Vista SP1 and above, you'll want to install the patch anyway. DEP/NX is a defense-in-depth, and the update package includes a number of other important (non-security) improvements.