More mitigating the jajvaprxy.dll exploit

Still working on deploying the activeX kill bit. That is the mitigation for the javaprxy.dll exploit. A SMS advertizement did not get migrated over to 2003 at work so we’re playing hit or miss in guessing what the syntax should be to deploy a .reg file. We have a reg file that we normally push out monthly with over 1000 activeX controls to disable.
Microsoft created exe files to make it easy for users to disable the javaprxy.dll activeX control. I had heard this would be available on Windows Update, but I dont see it available there. It would be a good idea if they pushed this mitigation to everyone with auto-update turned on. Otherwise the average user just isn’t going to be protected.
I think this mitigation should also be deployable as a patch in SMS SUS.
By the time we get mitigation deployed the real patch will be available. I haven’t seen much chatter from the peeps at myitforum regarding getting mitigation deployed. Either it went smooth as silk for them, they cant talk about work anymore, or they aren’t worried about it. As I’ve mentioned, I’ve downloaded the exploit code and it is childsplay. I think making this lowering the corporate exposure to this vulnerability is exceedingly important.