Are there rules that are specific to vulnerabilities found in IE or holes in the OS?
This article pertains to all versions of SecurityChecker.
SecurityChecker does not target vulnerabilities in IE or the OS. That is essentially making sure your system is up-to-date on patches. Some competitor's products do this by seeing if your OS is vulnerable to a certain attack and then mapping that back to the patch that wasn't installed.