The hole MS plugged was just the most publicized one. There are a number of others. It's actually fairly easy to forge an MS signature, and since most people have set their system to trust MS signatures then the module loads without asking. There's also the media expoits that can attach commands to video and audio files, like MP3s. The only way to make IE very secure is to disable active-x. But then you miss out on all sorts of good stuff. I think it makes more sense to go with an alternate browser and take a little extra time to install the plugins you need for the types of media you like. Then you can browse in relatively high security and still enjoy the experience.