Windows (ALL current editions) is vulnerable to a hack through it’s MIME HTML handling protocol. This vulnerability would allow malicious code to be run through Internet Explorer and through Opera. This is a variant of XSS (Cross Site Scripting).
Firefox requires an add-on to read and write MHTML files. In it’s default configuration it is not vulnerable, Safari and Chrome are not either.
Microsoft recommended that users lock down the MHTML protocol handler by running a "Fixit" tool it's made available. This is not a patch. That will require more time to develop because this is a Windows vulnerability, not an iE one.
The Fixit tool can be accessed from Microsoft's support site . It has the undo tool there as well for when the real fix comes. This edits the registry and automatically makes a restore point before installing.
The current list of vulnerabilities not fixed by MS can be found HERE.
The CSS flaw I reported on in December can be addressed with a work around you can find HERE. The uninstall for it can be found HERE.