David H. Lipman wrote:
> Just this part needs to be done to mitigate this threat...
>
> { the following will wrap }
>
> Windows Registry Editor Version 5.00
>
> [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX
> Compatibility\{88d969c5-f192-11d4-a65f-0040963251e5}]
> "Compatibility Flags"=dword:00000400

Maybe I misread it, but I only saw them say "to stifle this CLSID, do
this." I didn't see them say that was the CLSID of the ActiveX exploit.
I also didn't see them say an XMLHTTP exploit had to use that CLSID,
but then what I know about CLSIDs couldn't fill a gnat's thimble.

--
"A man's country is not a certain area of land, of mountains, rivers, and
woods, but it is a principle; and patriotism is loyalty to that principle."
-- George William Curtis