Microsoft's patching has had an incredible run of bad luck lately because they appear to be doing as much damage as they're preventing. The last two security releases, in August and October, Microsoft said might cause ActiveX controls and Java not to work properly on some websites.
In three updated security bulletins, Microsoft goes into some detail about how updates MS05-038 (August) and MS05-052 (October) create real problems with some websites. The ActiveX issue comes from the October update. Web pages containing an ActiveX control do not load as expected. The bulletin also says users may get an error message when they try to Add/Remove Programs in the Control Panel.
To fix the problem, subkeys need to be added to the registry. Altering the registry isn't something to be done by novices either. One wrong step and you're reloading Windows.
The other problem, from the August patch is tied to Java. With this particular issue, when you view a web page that contains a moniker, the web page may not work as expected, particularly those with Java monikers. The answer means that custom monikers are no longer enabled. Custom monikers are used reference and create instances of an ActiveX control or run code.
Microsoft offers solutions to both sets of problems on their website. Now the August update requires some registry alteration as well as disabling an implemented security change. One can screw up your computer royally and the other could leave you open for someone else to screw up your computer royally. In either case, "you go SQEESH just like grape."
Microsoft has had real problems with their patches lately. Another patch is due out Tuesday with the announcement out sometime today. One can only hope this new patch will be a lot nicer than the last two.