ActiveX Security Change Released by Microsoft

Microsoft today released a configuration change that addresses the recent malicious attack against IE known as Download.Ject.
This configuration change disables an ActiveX control known as Disallowing this functionality prevents an attacker from placing malicious code on a PC hard drive and will prevent the Download.Ject attack. It can be downloaded from
In addition, KB article 870669, provides information to implement this change manually:
This change has the potential to effect legit apps that use ADODB.Stream functionality. The KB article does show how to role back the change if you find that it effects your corporate applications.
For more information on the Download.Ject attack: