Friday, February 08, 2008

The What, Where, How of ActiveX and Kill-Bits

Before I provide any links or further information on this topic, the adventuresome folks out there (yes, you!) are going to be presented with an upfront advisory:

Warning - After reading the articles linked below, some folks may get curious about the registry and decide to do some independent investigation. If you (or a registry cleaner/program) modify the registry incorrectly, serious problems might result -- sufficiently serious to require the operating system to be reinstalled. Modify the registry at your own risk.

Now on to the topic at hand.

Every month myself and many others provide information on the latest Microsoft security updates. When a security update relate to Internet Explorer, ActiveX is frequently mentioned. “Kill-Bits” are commonly part of the security update used to disable individual ActiveX controls.

The Security Vulnerability Research & Defense bloggers really went to town to first provide background information on how to determine wither ActiveX vulnerabilities are exploitable in Internet Explorer. This was followed up with a three-part Kill-Bit FAQ.



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: