There's a pretty nasty vulnerbility in IE's ITS protocol. CERN has a write up about it. Here's a proof of concept that over writes your wmplayer.exe, and launches it. Definitely not good times here. Overwriting system files and basically launching whatever code you want.
I heard about something like this last week, but I can't quite remember the source of the info. It's also being said on slashdot that there are already people taking advantage of this in the wild (surprise, surprise).
Between IE being a complete and utter joke of web browser when it comes to implementing CSS and any type of web standard, the thing is completely insecure. The only reason anyone can give for a rational reason to use it would be that they are locked in because some custom control / their design was for whatever reason designed by eight year olds, and requires IE.
Normally I reserve cricism about microsoft products because I'm afraid someone from that product's team will read this, but I'm about 99% certain that IE simply doesn't have developers working on anything besides what will be coming out in 2-3 years with Longhorn. And I'm sure that will be a fine, web standard browser. Right guys?