Rogue ActiveX controls menace users
Flaws in ActiveX controls are being increasingly used to run security exploits.
Arbitrary file overwrite and deletion flaws, typically exploited through ActiveX controls, are well on the way to becoming a new class of security flaw, according to net security firm Symantec.
"These vulnerabilities exist particularly because of a …
This topic is closed for new posts.
Posted Wednesday 24th October 2007 20:25 GMT
Anonymous Coward
you missed the point
#
The trusted ones are already being used and already on the users system your last paragraph doesn't help in fact if the activex control doesn't say where it can be called from it can be used by any website you visit thats what is new about this. It IE I mean may block you from picking up any new ones but the others came with programs you installed hp printer vmware etc and so there is nothing IE can block you would have to turn off the WSH to make sure they don't do anything but then you couldn't use them.
Posted Wednesday 24th October 2007 21:15 GMT
Franklin
Trusted ActiveX controls?
#
"Trusted"? You keep using that word...I do not think it means what you think it means.
Posted Wednesday 24th October 2007 21:15 GMT
Morely Dotes
Correction
#
"by default, Internet Explorer blocks ActiveX controls."
I think you mean that IE 7 blocks ActiveX controls by default. Earlier version of IE will merrily execute this carefully-designed core flaw in the Microsoft virus-farm stable.
Yet another reason that IE should be unbundeld from the OS - by force of law, if that's what it takes.
Posted Thursday 25th October 2007 14:46 GMT
amanfromMars
Core Indicators..... for Shut Down or Melt Down....... or, of course, ReStreaming
#
"Earlier version of IE will merrily execute this carefully-designed core flaw in the Microsoft virus-farm stable." Is that an Astute Observation held by more than a Few?
It is also a very convenient port/means by which to Input VXXXXine/MetaData into the Core, Morely Dotes, with its rejection or assimilation indicative of Core Intent.
And with the Information/Intelligence leak will the Next Steps be decided upon.
Posted Thursday 25th October 2007 14:46 GMT
Rusty D
Re: Trusted ActiveX controls?
#
Love the 'TPB' reference.
This topic is closed for new posts.
Back to the article
Assuring application service quality
Transforming IT culture
Ensuring service assurance in the new normal
Reshaping IT
