Actually, you've seen home page hijacking before I'm sure, Whitphil. We've had plenty of threads about it here, in fact the more unscrupulous site operators also set a policy in the registry to disable Internet Options so you can't change it back.

An Activex control or even VB Script does indeed have the power and authority to modify the system registry by calling on a dll.

Security advocates are indeed "all over it"... just that this isn't the only issue and the only solution (e.g. security settings for "active scripting" and Activex to prompt or disabled... and/or make use of the security zones in IE for trusted sites). To me, that seems like a more comprehensive solution to a problem larger than one dll.