There is no magic fairy dust protecting Macs - Dai Zovi, security researcher and co-author of The Mac Hacker's Handbook.
MS are going to push out an IE specific kill-bit for MSXML4 in October. More information here:http://blogs.msdn.com/xmlteam/archive/2007/03/12/msxml4-is-going-to-be-kill-bit-ed.aspx
Oh boy. Folks who are having issues getting the November MSXML 4 update/hotfix/patch to install are really going to love seeing this. <eg>