All IE versions from 6 to 9, except 10 are exposed to Active Scripting vulnerability which allows remote attackers to execute arbitrary code on user's machine. Microsoft has suggested Enhanced Mitigation Experience Toolkit as a temporary fix for the bug.
Flash files are great way to deliver streaming contents such as music, videos and for online games. But they may become too risky if comes from an untrusted website and start automatically without your permission.
A few lines of simple HTML code made Internet Explorer to hang-up. It crashes every single version of IE, from IE6 even up to the latest Internet Explorer 9. If you want to try this, just copy-paste this code in notepad and save with .html extension.