A French security organization discovered a critical flaw in KDE versions going back to 3.2.0 Friday. The flaw allows attackers to exploit a heap overflow error in the Konqueror web browser to run commands on your system. The advisory (in English), with pointers to the fixes (which are out already) is located here:
If you have the SUSEWatcher utility turned on, you should be already notified to run YaST to get this patch. If not, go do that anyway.