The way IE integrates with the OS varies between releases. In XP and earlier, items such as Windows Update and Windows help are running on IE. Since Vista, these have been control panel applets instead, giving malicious code exectued in IE no power over it.
Users using another browser wouldn't be able to execute code that affects these components, but if some malicious code successfully attacks an IE user, it could potentially attack other parts of the system where IE is integrated (and to which IE has some form of access), and then execute code to potentially gain 'control' of a system.
This "remote code execution" usually isn't a hack that a script kiddie could run to gain access to your files, but often it's enough for hackers just to be able to redirect your browser (to fake online banking sites) or even just cause your PC to visit a site. Thousands of compromised PCs visiting a website a thousand times a second each is your basic DDoS attack.