Is there any way a website could automatically steal files from my computer, just by my visiting their site?
Yes and no.
“Yes” in the sense that an unpatched computer is vulnerable; “definately yes” if the user is one of those people that clicks “Yes” when prompted to install any random program or ActiveX control that pops-up on your screen.
“No” in the sense that most intelligent users don’t click “Yes” to install random software and also patch their machines as those patches become available, or they use a browser like Firefox that - while not 100% secure - is not the target of as many malware rojan\virus exploits as IE. Although this probably won’t last as more and more people start using Firefox.
In a sense, it’s like phishing. Only stupid people (or novice users) click on the links in emails from “eBay” or “Citibank”. The rest of us know better.