Microsoft released <A HREF="http://www.eweek.com/article2/0,1895,2059036,00.asp?kc=EWNAVEMNL111506EOAD">a critical cumulative update</A> for its flagship Internet Explorer browser to fix a flaw that was being used in targeted zero-day attacks since early October. The IE update provides cover for code execution holes in DirectAnimation ActiveX controls that could be exploited if unexpected data is passed to the ActiveX controls.