Following up on "Halloween sites tricking users with malware" it appears to me the sites mentioned have been hacked and a IFrame has been injected, that if activated infects the visitor with several nasties.
I would advise disabling that option in IE – it is the single most exploited setting!
Internet Options | Security tab | Custom Level button
Scroll down to: Launching programs and files in a IFrame
Select: Disable (IE7 by default is already set to Prompt)
Note: the culprit involved is already listed in my HOSTS file …