I have never used KDE. May be because I have never had a problem with my Gnome desktop. I'm not saying that Gnome is more secure than KDE and wasn't happy when the French Security Incident Response Team (FRSIRT) published details about a critical vulnerability in KDE reported by Maksim Orlovich. It's about an incorrect bounds check in kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE, that allows a heap based buffer overflow when decoding specially crafted UTF-8 encoded URI sequences.
The affected version are from 3.2.0 through 3.5.0
Patch for KDE 3.4.0 - 3.5.0 :
ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.3-kdelibs-kjs.diff
Patch for KDE 3.2.0 - 3.3.2:
ftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdelibs-kjs.diff
which could be exploited by remote attackers to compromise a vulnerable system by convincing a user to visit a malicious web page containing a malformed JavaScript code via an application that uses the vulnerable engine (e.g. Konqueror).
The affected version are from 3.2.0 through 3.5.0
Patch for KDE 3.4.0 - 3.5.0 :
ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.3-kdelibs-kjs.diff
Patch for KDE 3.2.0 - 3.3.2:
ftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdelibs-kjs.diff