According to study by NSS Labs (here), avast! Internet Security and 3 other security products out of total 13 tested protect users against Microsoft vulnerability withing XML Core Services and against vulnerability in IE 8 (IE8 has approx. 15% share). Both exploits were patched by Microsoft in June and July respectively but users who failed to update are of course at risk. A good news for avast! Free Antivirus users… you have the same protection against those exploits as users of the paid-for avast! Internet Security suite.
PS: having everything up-to-date and patched is of course one of the golden stay-secure-rules.