Cumulative Security Update for Internet Explorer (931768)

Summary
Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4, 6 SP1 on Windows 2000 SP4, 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2, and possibly 7 on Windows Vista does not properly instantiate certain COM objects as ActiveX controls, which allows remote attackers to execute arbitrary code via a crafted COM object from chtskdic.dll.
Solution
Run Windows Update or download available hotfixes from the following website: http://www.microsoft.com/technet/security/Bulletin/MS07-027.mspx
References