This is an MS Internet Explorer and Outlook security breach
(com.ms.activeX.ActiveXComponent security vulnerability).
The security flaw allows remote scripts and HTML pages to access to any
ActiveX control installed on a victim’s computer. The remote
script can gain full contol over a victim’s computer, including the ability
to read and write files on hard disks.
Trojan programs such as JS.Trojan.Seeker and JS.Trojan.Fav use this
vulnerability to modify a browser’s start and search pages and add
unauthorized links to the “Favorites” folder of Internet Explorer.
Microsoft has released a patch that removes the
com.ms.activeX.ActiveXComponent security vulnerability. We recommend visiting http://support.microsoft.com/support/kb/articles/Q275/6/09.ASP and
installing this patch.