Yet another quaint lead-up to "silent delivery & installation of an executable on a target computer. No client input other than viewing a web page"! This is getting boring.

A myriad of technical hurdles have been recently placed to disallow access to files & folders on the local machine from the internet. Previously simple redirects could defeat that, but that too has been eliminated.

Coupled with a myriad of existing possibilities of placing arbitrary files in known locations on the local machine, along with perhaps several other well known applications that create sensitive files in known locations on the local machine, accessing all of these with our trusty browser commonly known as IE, leaves us with ample opportunity to wreak further havoc on the unsuspecting customers of the manufacturer, one "Microsoft".

Would you like to know more? Thanks PivX.