"Microsoft has released a configuration change that addresses the recent malicious attack against Internet Explorer known as Download.Ject."
In addition, Microsoft has released a Knowledge Base article, 870669, that provides information that administrators can use to implement this change manually in their environment and to deploy the change across their networks.
This Knowledge Base article is available here:
Customers are advised to review the information in the Knowledge Base article, test and deploy the change immediately in their environments, if applicable.
If you have any questions regarding the security updates or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.
Please read the article above before proceeding with the following manual patch.
Manual Process to disable the ADODB.Stream object
To manually create the registry key, follow these steps:
Click Start, and then click Run.
In the Open box, type Regedit, and then click OK.
In Registry Editor, locate the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility
Right-click ActiveX Compatibility, point to New, and then click Key.
Type the following name for the key:
Right-click the new key, and then click New DWORD Value.
Name the value Compatibility Flags.
In the right pane, right-click Compatibility Flags, and then click Modify.
In the Edit DWORD Value dialog box, make sure that the Hexadecimal option is selected, type 400 in the Value data box, and then click OK.
Close Registry Editor.
When you set the compatibility flag, the ADODB.Stream object cannot access the hard disk of your computer in Internet Explorer. However, the ADODB.Stream object can still access your hard disk outside Internet Explorer.