The Kill-Bit FAQ: Part 3 of 3

It is very common for Microsoft security bulletins to include “Kill-Bits” to disable individual ActiveX controls / COM objects. Here is the final part of our three-part Kill-Bit FAQ. The Kill-Bit FAQ – Part 3 of 3 Are there issues that could complicate the implementation of a Kill-Bit based fix? Yes. Here’s one interesting example:…

0

The Kill-Bit FAQ: Part 2 of 3

It is very common for Microsoft security bulletins to include “Kill-Bits” to disable individual ActiveX controls / COM objects. Here is the second part of our three-part Kill-Bit FAQ. The Kill-Bit FAQ – Part 2 of 3 How do ActiveX Controls, OLE Controls, and COM Objects relate? An ActiveX control is an OLE control that…

0

The Kill-Bit FAQ: Part 1 of 3

It is very common for Microsoft security bulletins to include “Kill-Bits” to disable individual ActiveX controls / COM objects. Here is the first part of a three-part FAQ we have developed to answer some questions around the Kill-Bit and related functionality. The Kill-Bit FAQ – Part 1 of 3 What is the Kill-Bit? The Kill-Bit…

0

Not safe = not dangerous? How to tell if ActiveX vulnerabilities are exploitable in Internet Explorer

In early January you may have read posts on security distribution lists regarding two ActiveX Controls released by Microsoft. We have investigated those controls and fortunately, they are not exploitable since IE does not treat them as being safe.  We wanted to give you some background on how to evaluate whether a potential vulnerability found…

0