I'm still trying to think of a good reason why "organizations" wouldn't disable active scripting in the Internet zone in addition to the Restricted Sites zone (where it's disabled by default as part of High security settings) as a matter of course. Why would any manager of a business rationally decide that letting everyone in the world run unknown script code on his employer's property was a good idea? What excuse would he have for doing so, except abject and utter ignorance? Is it that the problem just hasn't been explained to him in so many words?

> Microsoft will have this patched on (or possibly before) April 11.

I fear that this event will be taken as license to re-enable active scripting in the Internet zone, with predictable adverse consequences (and I'd be happy to be proved wrong).
Mark Odell | 03.30.06 - 3:43 pm | #