The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various Web sites, resulting in information disclosure. This impact is similar to server-side cross-site scripting (XSS) vulnerabilities.
Even Google has released a statement regarding targeted attacks on IE users. Apparently this MHTML vulnerability has been around for 7 years. Wow!