Microsoft Internet Explorer has been reported prone to an unspecified vulnerability when handling CHM files. The issue is reportedly exploitable to provide for automatic delivery and execution of an arbitrary executable. This would occur when malicious web content is rendered in Internet Explorer.
It has been reported that this vulnerability is actively being exploited as an infection vector for malicious code that has been temporarily dubbed 'Ibiza'.
Workaround:
It may be possible to workaround this issue by renaming the following registry entry, this however has not been confirmed:
HKEY_CLASSES_ROOT\PROTOCOLS\Handler\ms-its
This may not eliminate the vulnerability but using a different name for the handler may mitigate existing exploits.
http://www.securityfocus.com/bid/9658/solution/

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic