There is a vulnerability in Authenticode that, under certain low memory conditions, could allow an ActiveX control to download and install without presenting the user with an approval dialog.
vulners.com/securityvulns/securityvulns:doc:5248