this is inside a component that is on nearly every Microsoft machine worldwide. this includes all versions of xp, vista, 7 and the server versions. There is no Windows Update yet. Please use the fixit for me link for a hotfix. This is a patch for this issue but it may cause issues since it’s not been fully validated. However this problem allows remote system takeover via IE AND Office.
The link to the fixit is here.