you missed the point
The trusted ones are already being used and already on the users system your last paragraph doesn't help in fact if the activex control doesn't say where it can be called from it can be used by any website you visit thats what is new about this. It IE I mean may block you from picking up any new ones but the others came with programs you installed hp printer vmware etc and so there is nothing IE can block you would have to turn off the WSH to make sure they don't do anything but then you couldn't use them.