The first known SP2/IE vulnerability was reported and verified last week Friday (five days before SP2 for XP Pro went live on Windows Update). Clicking on a web page image with a hidden program downloads an executable to your startup folder. Hence, the next time you reboot the program executes and your box would be 0wn3d by 133t h4x0rs.