The six month old flaw in Microsoft Windows’ IE has been re-rated to “Extremely critical” by security company Secunia. This flaw, exposed to the public not too long ago by Computer Terrorism, still exists, since Mircrosoft is more busy with trying to get the exposers of the flaw to pay then fixing this now extremely critical flaw.
The reason Secunia has now made the flaw extremely critical is according to The Inquirer:

S. Pearson, of computerterrorism.com, has worked out that if a Javascript prompt box was of the right size and form to allow the insertion of custom shellcode a remote attacker can execute arbitrary code embedded into an otherwise normal looking Web page.

Source: The Inquirer | Computer Terrorism | Security IT Hub