Blake Hartstein from Demarc Security just added a new rule to that, the rule he added actually catches if a malicious website is trying to exploit the big vulnerablity in Acitve-X left by the removal tool.