IE7 - the security update that isn't
First, the big news - IE7 is now available for direct download.
I cannot recommend this update strongly enough. Go and get it.
My wife's not into the security stuff as much as I am, so she recommends it purely on the basis that it's a far improved user experience over IE6.
Me, I see how much it adds to your security - how many attacks have been simply stopped (or, at the very least gave me a prompt) by the IE7 beta versions.
A lot of press statements have said that this will be pushed as a security update. That's not correct. It will be pushed as a high-priority update, but not as a security update. That means it isn't going to wait for the second Tuesday of the month, and it doesn't have to be made available on the download pages at the same time as the automatic update is pushed out.
Download and test IE7 in your usual operations - if an app fails in IE7, you can spend some time getting it to work, or remove it and use IE6 again. While you do that, of course, you want to be pestering the vendor to get their app to work.
Your users who run with Automatic Updates enabled will be getting IE7 on November 1 (All Souls' Day, or the Dia de los Muertos), by the current schedule. So, update in advance to prepare for this.
Even though a number of vendors (hello, Intuit!) have stated that they will not support IE7, many of their applications just plain work anyway.