Several times already we (Microsoft) infomred about a change we will ahve to make in the way we handle ActiveX. On February, 28 we published a Security Advisory to pre-warn about this change: http://www.microsoft.com/technet/security/advisory/912945.mspx.
Finally we infomred that we will include this change in the next Cumulative Security Update for Internet Explorer. As you may expect, the next Security Update cannot be far away.
Therefore I would really like you to test your applications that use ActiveX in order to make sure that you are able to roll this update out
What you are saying then is the next Cululative IE Update will include the non-security update (912945) along with the fix to the HTML objects vulnerability and probably other fixes?
Yes, that is what I was saying. All the IE Upadtes are always cumulative and therefore contain older fixes. There is just one exception and this is now this AcitveX fix as we will deliver a hotfix to disable the change.
This only until the next sectuiry update