Microsoft is actually going to close another infection vector? Amazing! As usual they blow off admitting that there is a two ton pink elephant sitting in the room and then suddenly decide that it is a problem after it has become a way of compromising systems. How many denial of service errors have started out being claimed to be only an inconvenience, and then two months later, we find we have in reality a full blown exploitable buffer overflow.

Now if we can go after everyone that trusted output from the IE7 infection proxy and didn't sanitize it before accepting it as input (Mozilla, Skype, etc.) and make them admit that they were the other 50% of the problem.