Perché dico che ActiveX e Active Scripting sono il male?
...perché non me lo sono inventato io: lo conferma una nota del CERT di cui ho già parlato.
To protect against the flaw, IE users are urged to disable Active scripting and ActiveX controls in the Internet Zone (or any zone used by an attacker). Other temporary workarounds include the application of the Outlook e-mail security update; the use of plain-text e-mails and the use of anti-virus software.
E a ulteriore conferma di altre regoline che consiglio da tempo:
Surfers must also get into the habit of not clicking on unsolicited URLs from e-mail, instant messages, Web forums or internet relay chat (IRC) sessions.