“Security-software maker Symantec warned customers Tuesday that users of its online Security Check service have likely downloaded a flawed ActiveX control that could be used by an intruder as a path into the victim’s PC.
Security Check is meant to help people lock down their systems and loads an ActiveX script that aids in scanning a person’s computer. Ironically, the ActiveX script, which remains on the computer even after scanning, contains a memory flaw that could be used by an attacker to break into the PC.” [News.com]