<<
<< Opening a file type previously considered safe, e.g. plain text or HTML file isn't safe with IE. Users of the browser should avoid opening files directly and save them to disk instead (if opening them is necessary at all). If this flaw is being exploited, the file save dialog will reveal that the file is actually an executable program. >>
I NEVER open a file in IE directly when downloading it. I always save it to disk first. So why would I have any reason to believe this particular flaw is going to happen to me, if I am already practicing the method used to avoid the flaw? If you are directly running a downloading file without saving it and checking it first, you are asking for trouble anyway. I'm not saying this isn't a problem, because many people don't know they should do this, but it hasn't been a problem for me, and won't be if this is the way it works. >>
I think you probably have opened up a .txt file before in IE without saving it first. If you haven't, many MANY other users do. They will still get a "Open/Save" dialog in this case, but it appears safe because IE handles binary files in such a broken manner.