El Reg reports
here regarding the latest M$ vulnerability.
The best part though is the following ( and I quote):
"Without a hint of irony, the company recommends removing "Microsoft" from IE's Trusted Publisher list (accessible via IE's Internet Options menu), in order to prompt a warning whenever a Microsoft-signed ActiveX control attempts to install itself. The company is working on a more permanent fix. "
You really can't top this.
-john