MSDDS.dll exploit via Internet Explorer

Microsoft now has a writeup on this vulnerability. The page to keep an eye on for updates related to this is here.
I was very happy to see this. I called my TAM at lunch to see if setting the activeX kill bit on this dll was a good or bad idea. I didn’t want to do it, not knowing what the end result would be. Microsoft now has this listed in their “workaround” section of this post. There is no aftereffect of making this change because this file was not intended to be accessed using this method.
I’m working on getting this added to our ActiveX Kill Bits file that we deploy with SMS. I also need to see when that is next going getting deployed to our comptuers.