There are warnings for at least 6 ActiveX controls that may experience buffer overflows or crashes and thus be subject to exploit development. So far there are no known in-the-wild attacks, and using the ISC's GUI-based tool (link at the bottom) I had no exposures on my current system.

ActiveX Vulnerabilities - Facebook, MySpace and Yahoo
http://www.eweek.com/c/a/Security/ActiveX-...ers-Vulnerable/
http://www.us-cert.gov/current/index.html#...it_for_facebook
http://www.kb.cert.org/vuls/id/776931

Six key sites and Killbits for those sites
http://isc.sans.org/diary.html?storyid=3929
http://isc.sans.org/diary.html?storyid=3931

QUOTE: The US-CERT is urging Web surfers to immediately disable ActiveX controls from Internet Explorer to protect against a swath of publicly reported—and unpatched—software vulnerabilities.

The US-CERT (Computer Emergency Response Team) recommendation follows the release of exploit code for multiple zero-day flaws in image uploaders used by Facebook and MySpace and bugs in the ActiveX control that ships with the Yahoo Music Jukebox software.

According to Erik Kamerling, a vulnerability analyst at Symantec's DeepSight threat center, the availability of exploits for flaws in high-profile targets like Facebook and MySpace is cause for concern.

Although Symantec is unaware of in-the-wild exploitation of the ActiveX flaws, there's a feeling that attacks are inevitable. Admins are advised to set the kill bit for the following CLSIDs as soon as possible:

Aurigma: CLSID 6E5E167B-1566-4316-B27F-0DDAB3484CF7 ('ImageUploader4.ocx')
Aurigma: CLSID BA162249-F2C5-4851-8ADC-FC58CB424243 ('ImageUploader5')
Facebook: CLSID 5C6698D9-7BE4-4122-8EC5-291D84DBD4A0
Yahoo! MediaGrid: CLSID 22FD7C0A-850C-4A53-9821-0B0915C96139
Yahoo! DataGrid: CLSID 5F810AFC-BB5F-4416-BE63-E01DD117BD6C2

ISC GUI Tool can be downloaded from here:
http://handlers.sans.org/tliston/KillBitGui-Feb08.exe

ISC Command line
http://handlers.sans.org/tliston/KillBitCLI-Feb08.exe
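For admins who want to audit the kill bits from a script rather than the ISC tool, here is an added example (not from the post, US-CERT or ISC) that checks the five CLSIDs listed above and optionally sets the kill bit. It relies on the documented kill-bit mechanism (the 0x400 bit of the "Compatibility Flags" DWORD under the ActiveX Compatibility registry key); the CLSID values are copied verbatim from the post.

```powershell
# Added example: audit and optionally set IE kill bits for the CLSIDs named in the post.
# Run from an elevated PowerShell prompt; pass -Set to write missing kill bits.
# Mechanism: DWORD "Compatibility Flags" with bit 0x400 under
# HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CLSID}
# (on 64-bit Windows the Wow6432Node copy governs 32-bit IE).
param([switch]$Set)

$KillBit = 0x400

# CLSIDs exactly as listed in the post (the Yahoo! DataGrid value is copied
# verbatim; confirm it against the vendor advisory before relying on it).
$Clsids = @{
  'Aurigma ImageUploader4' = '6E5E167B-1566-4316-B27F-0DDAB3484CF7'
  'Aurigma ImageUploader5' = 'BA162249-F2C5-4851-8ADC-FC58CB424243'
  'Facebook'               = '5C6698D9-7BE4-4122-8EC5-291D84DBD4A0'
  'Yahoo! MediaGrid'       = '22FD7C0A-850C-4A53-9821-0B0915C96139'
  'Yahoo! DataGrid'        = '5F810AFC-BB5F-4416-BE63-E01DD117BD6C2'
}

$Roots = @(
  'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
  'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Test-KillBit {
  param([string]$Root, [string]$Clsid)
  $key = Join-Path $Root "{$Clsid}"
  if (-not (Test-Path $key)) { return $false }
  $flags = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
  return ($null -ne $flags) -and (($flags -band $KillBit) -eq $KillBit)
}

function Set-KillBit {
  param([string]$Root, [string]$Clsid)
  $key = Join-Path $Root "{$Clsid}"
  if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
  # OR in the kill bit so any other compatibility flags already present are preserved.
  $existing = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
  $new = ([int]$existing) -bor $KillBit
  Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Value $new -Type DWord
}

foreach ($name in $Clsids.Keys) {
  foreach ($root in $Roots) {
    if (-not (Test-Path $root)) { continue }   # Wow6432Node is absent on 32-bit Windows
    $ok = Test-KillBit $root $Clsids[$name]
    if (-not $ok -and $Set) { Set-KillBit $root $Clsids[$name]; $ok = Test-KillBit $root $Clsids[$name] }
    '{0,-8} {1,-24} {2}' -f $(if ($ok) { 'KILLBIT' } else { 'EXPOSED' }), $name, $root
  }
}
```

Setting a kill bit disables the control in IE even if a patched version is later installed, so remove the entry (or clear the 0x400 bit) once the vendor ships a fixed control with the same CLSID.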