Running ActiveX scripts is most of the times transparent to the user. It is almost impossible for a normal user to detect this threat. Browsing an unsafe site, a page may contain this exploit, and automatically execute it (without any interaction from the user) thus downloading and executing an executable file from the internet onto the local computer.
It is recommended that you do not allow execution of this type of html files and DELETE these files.
Patrik Vicol, virus researcher
This is a Html/ActiveX exploit, a specially crafted html, derived from the normal technique described here
It contains an OBJECT type element whose CODEBASE attribute links to an executable file. The executable file is downloaded and executed, thus being a potential threat.