Anyone try disabling the active scripting because of this new vulnerability? http://support.microsoft.com/kb/q154036/ --------------------------------------------------------- First noted by Internet users and then verified by Microsoft late last week, a vulnerability in the way Internet Explorer renders HTML has already spawned exploits that have ensnared unsuspecting Web surfers. The bug made news last Wednesday, and by Thursday the code to take advantage of the way IE handles the HTML tag createTextRange() was already available online. Initially, Microsoft said attacks using the new vulnerability were "limited in scope," but the rising number of complaints may eventually cause the software giant to release an unscheduled fix ahead of the planned security update on April 11. Microsoft currently doesn't plan to release an emergency patch, but if it does we'll have it for you on Download.com. Until then, the security company F-Secure strongly advises Web surfers to either disable "active scripting" in IE or use another browser altogether. You can get full instructions on disabling active scripting from the Microsoft help site, but here's the gist for IE 5 and up: select Tools, then Internet Options; click the Security tab; click the Custom Level button; scroll down to the Scripting section; and check the Disable button for Active scripting and Scripting of Java applets. Note that some Web pages will not display correctly without scripting enabled.