OK, I see that IE now prompts before allowing the ActiveX control to run. This is good enough for me for now. Perhaps future versions could set the kill-bit on the affected ActiveX control during installation?
I did look for any existing information about the issue on your site but couldn't find the security announcement. There don't seem to be any links to it? I tried the FAQ, the Knowledge Base and the Troubleshooting section, but even knowing that it exists I can't figure out how to get to it. I also tried some searches the other day but with no luck. A list of security announcemen