Reported February 8, 2005 by Microsoft
A vulnerability exists in the Dynamic HTML (DHTML) Editing Component ActiveX control that could allow an intruder to discover private information or execute code on a user's system. A successful exploit could allow the intruder to take complete control of a user's system.
Microsoft has released
Security Bulletin MS05-013, "Vulnerability
in the DHTML Editing Component ActiveX Control Could Allow Remote
Code Execution (891781),"
and a patch to correct the problem.