“Every couple of weeks Georgi Guninski, a 27-year-old Bulgarian
computer security expert, posts another Microsoft Internet Explorer
security hole to BugTraq, a mailing list dedicated to computer
vulnerabilities.
“The majority of Guninski’s latest discoveries have involved
Internet Explorer 5.0’s Active Scripting… The suggested
workaround is always the same: Disable Active Scripting.”
“JavaScript isn’t confined to Internet Explorer 5, although many
of the security holes are only evident in Microsoft’s latest
browser. It’s used in almost all modern browsers as well as across
platforms.
“The problem occurs because IE5 includes many more
features… They’ve added a whole lot more features in IE5. This is
typical for Microsoft. They add all kinds of features and only then
wonder how they might interact.”
“Microsoft’s own ActiveX controls have been a security headache
as well… ActiveX controls have full access to the Windows
operating system.”