You will recall that last week security experts (man, what a cool job!) released evidence that there were certain vulnerabilities in IE and IIS 5.0 that could allow hackers to redirect browsers and download a keylogging trojan from a Russian website. We posted a story about a released fix, here.
Anyway, you will be interested I am sure to find out this security flaw is actually a feature that allows an ActiveX ADODB.Stream object to read and write files on a hard drive. Attackers used this "feature" to download copies of a keystroke logging trojan onto the unsuspecting browser user's computers.