This indicates a possible exploit of a vulnerability in the drag-and-drop feature of Microsoft Internet Explorer.
The vulnerability is due to the application's failure to validate drag and drop events. An attacker may create a malicious web page and send it to a potential victim as an email or a web link. If the user visits the malicious web site or views the malicious e-mail message, the attacker may be able to save a file on the user's system and execute arbitrary code.
Microsoft Internet Explorer 5.01, 5.5, and 6
Compromised of the affected system.
Apply the security patch to the system as given in the Microsoft bulletins MS05-008 and MS05-014.