With the release of the bulletin, Microsoft made an update available on Windows Update (http://go.microsoft.com/fwlink/?LinkID=40747). Full details of the bulletin can be found here:
http://www.microsoft.com/technet/security/bulletin/ms08-078.mspx. It is important to point out that this Out Of Band release is NOT cumulative for other IE issues.
As mentioned before, this vulnerability is actively being exploited. Home users should patch immediately. Administrators should evaluate their needs quickly. Exploit attacks have been found in vulnerable web sites through SQL injection, and recently in Word documents (which means look for this in email attachments).
UPDATE: Beta versions of Internet Explorer 8 are also said to be vulnerable.