In a nutshell, yes. And that only closed that hole, but leaves IE open to all the other issues. Microsoft is not actively fixing IE 6.0. (Read it until it sinks in?)
My advice is to use any other browser to step out of the line of fire from the malware writers and Microsoft. Also, keep that other browser current since those are gaining attention now.
I have gone to the patch for Internet Explorer 6's new vulnerabilities, but I cannot figure out if Windows 98SE owners who have IE 6 and SP1 need to download the new patch. Am I still vulnerable to the keystroke tracking?