Se outro navegador usar o mesmo mecanismo de processamento do IE, ele também estará vulnerável. Na verdade, não há muita diferença entre o IE e seu objeto ActiveX.
O artigo do seu KB vincula-se a MS14-021 , o que explica melhor o problema. Também diz:
Add sites that you trust to the Internet Explorer Trusted sites zone
After you set Internet Explorer to block ActiveX controls and Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to the Internet Explorer Trusted sites zone. This will allow you to continue to use trusted websites exactly as you do today, while helping to protect yourself from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone.
To do this, perform the following steps:
- In Internet Explorer, click Tools, click Internet Options, and then click the Security tab.
- In the Select a web content zone to specify its current security settings box, click Trusted Sites, and then click Sites.
- If you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box.
- In the Add this website to the zone box, type the URL of a site that you trust, and then click Add.
- Repeat these steps for each site that you want to add to the zone.
- Click OK two times to accept the changes and return to Internet Explorer.
Use este procedimento para adicionar apenas os sites em que você deve usar o ActiveX no Zona de sites confiáveis, para que o ActiveX seja permitido apenas para eles e para eles.