Attackers end-run around IE security

The dependence of Internet Explorer on other Windows components has allowed online attackers to work around the shored-up security of Microsoft's latest browser. ActiveX components act as a common way to exchange data between various components of Windows. While the flawed ActiveX component - a part of Microsoft's XML Core Services 4.0 - is not shipped with Internet Explorer, attackers can use the browser to trigger the flaw and compromise any system on which the ActiveX control is installed.

Read the article HERE.