New Windows vulnerabilities

On December 24th the SANS Institute's Network Storm Center (http://isc.sans.org) noted that there were a couple of new vulnerabilities in virtually all versions of Windows - one in the Windows Help facility and one in the way Windows loads your desktop icons and other system graphics.
Today they're telling us that there are active exploits for these vulnerabilities "in the wild" (out there trying to get into your computer) and that (as usual) you should be active in getting the latest patches for your machine's operating system.

The exploits are only just showing up as this note from Symantec shows: securityresponse.symantec.com/

Until you get patched (and even after) you should not stray far from high-usage and well known web sites. The vulnerabilities are transmitted via accessing web pages from sites that have been compromised - and typically these are sites that have amateur administrators or part-time administrators, not full-time professionals.