What P3P policy do you have set, and what security level is internet explorer running at?
As IE has its 'privacy' settings, so if you dont have a P3P policy, or that policy doesnt conform to Microsoft's way of thinking (list time I looked, it was a while ago as I've given up bothering to code for IE, they dont accept legal as a valid dispute policy...so something like the data protection act in the UK is invalid as far as good old Bill is concerned...) then the cookie may well not get accepted, unless the client explicitly accepts it, or sets there security level lower.

However this is not something that is new, as this has been around for a good few years. So it may be something different, however it would be worth checking.

I dont know if you are an IE user, so I apologize if this is something you already know.
If cookies are not allowed by IE then you get a little eye icon along the bottom of the browser window. If you click on that eye it tels you the cookies disallowed and you can then manually enable them. So you can have a look at the site and if the cookie is getting blocked then either alter your P3P policy to comply with the Microsoft outlook on life or give your users an explanation of how to enable your cookies.

...Or just redirect anyone using IE to a page saying

<a href="http://www.mozilla-europe.org/en/products/firefox/">Get a better browser</a>.

;)

Its only with the masking.

If I go to "www.mysite.com/theSubSite"
The cookies will work on IE.

If I go to "www.theSubSite.com" (which is masked)
The cookies do not work on IE.

I may just give up and try to set up some virtual hosting instead.

I can't stand dealing with IE. Everyone keeps pushing css layouts but I can get them to look great on Safari and Firefox then I turn on an IE browser and it looks like someone just threw up a bunch of translucent squares on a newspaper. So I stick with tables.

Now this cookie issue popped up.

What IE not conforming the standards...never :D

IE treats cookies from first and third parties differently. I dont know how the masking is set up (if it is just a full page frame that loads the contents then you may well get hit for 3rd party cookies on the masked site, but 1st party on the main site) so there may be a difference in the way IE is handling those cookies.
In general the Microsoft site is actually quite helpful in explaining the 'features' of IE, so it may be worth checking them out to see what they have to say.

Maybe a little drastic but at the top of each page on your site -

if (stristr($_SERVER['HTTP_USER_AGENT'], "Windows")!== false) {
echo "<p>Unfortunately the browser you are using is not capable of displaying this site correctly. Please upgrade your browser to one that follows the standards.<br />\n";
echo '<a href="http://www.mozilla-europe.org/en/products/firefox/">Get Firefox</a>.</p>';
}

If only we could get away with it ;)