If this article is accurate, Micorsoft's response is inadequate. Basically, don't use the back button on untrusted sites.
The problem is caused by what can politely be described as a design flaw in Explorer. When a Web page fails to load, Explorer displays a standard error message. This message is set to operate in the "Local Computer Zone" security setting, which by default allows scripting to run automatically.
... [discoverer] Sandblad suggested the usual fix for browser woes; disable active scripting.
I guess "Local Computer Zone" means "Local Intranet" in Internet Options? In the typical home setup, no network other than an internet connection, why not just set security at the same level for all four icons (Win98, IE 5):
OK, maybe higher on the last one! But the first three could be set high, or medium + script blocking, right?
Wouldn't that work for most people? Who needs local active scripts? I guess that's just what Sandblad is saying.