The Microsoft Data Analyzer ActiveX control has a remote code execution vulnerability. The system may also have one or more vulnerable third-party ActiveX controls installed.
A remote attacker could exploit these issues by tricking a user into requesting a maliciously crafted web page, resulting in arbitrary code execution.
Microsoft has released a set of patches for Windows 2000, XP, 2003,
Vista, 2008, and 7 :
Complete Confidentiality Impact, Complete Integrity Impact, Complete Availability Impact