A new security feature that will let users pick and choose which ActiveX controls can load is said to be included in a future version of IE9.
In rare out-of-cycle security update, Microsoft fixes hole that put IE users at risk of attacks via ActiveX and other controls.
Latest Patch Tuesday updates plug nine holes in Windows, Office, ISA, Virtual PC, and Virtual Server, including several holes that have been targeted in attacks.
IE users warned about new ActiveX vulnerability, affecting Office XP, 2003, and ISA Server 2004 and 2006, that could allow an attacker to take control of the PC.
Microsoft says limited attacks have exploited a hole in the ActiveX control, a component of Windows Media Center used for recording and playing television video.
Vulnerability in ActiveX control for feature in Microsoft Access is being used for targeted but limited attacks, Microsoft says.
Tool eliminates the risks when editing the system registry file.
Three different ActiveX vulnerabilities affect Yahoo Instant Messenger version 3.5, and Yahoo Messenger versions 4.0, 5.0, and 5.5
Specially crafted images could allow remote access to vulnerable PCs