Yesterday evening, a new script exploit was brought to my attention. :-/ We grabbed a copy and analysed it overnight in our lab. This exploit disabled mouse, monitor and keyboard, edited the registry to remain in the system and then filled the hard disk swap space and memory. After this it formatted the C: drive. If you turned off your machine, it would write to WININIT.INI to continue on the next boot before Windows could start in order to finish its complete destruction of your system. A number of "web trojan downloader" exploits also make use of these functions to cause Internet Explorer to automatically download back door trojans without placing a screen to let you know that this was occurring. "dotNET" extensions when enabled in the Internet Zone are DANGEROUS. The WSHOM.OCX file is the core of this risk and is not easily removed owing to Microsoft's "system restore" which will put it back. This is a completely separate issue from "DataSource Object" exploits for which we created DSOStop although using our FREE DSOStop software and making certain that you've checked the "Internet Zone" protection will also help. That's why we included the "Internet Zone" in its coverage. Our IEClean completes the protection package for this exploit if you don't wish to edit the registry yourself. Come to our website: http://www.nsclean.com and see for yourself. The test is PERFECTLY SAFE, it involves an attempt to open 3 instances of CALC (calculator) on your system. It does not send ANY information from your system back to us either.