funsec mailing list archives
Research: Buggy, Flawed 'ActiveX' Controls Pervasive
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Tue, 31 Jan 2006 13:41:01 -0500
http://blogs.washingtonpost.com/securityfix/2006/01/research_buggy_.html Microsoft takes its share of lumps from security experts for building software that constantly requires security updates, but dozens of major corporations may also be guilty of piling their own security problems into Windows machines. New data collected by at least one notable security researcher suggests that as much as 50 percent of all computers powered by Microsoft Windows might contain one or more non-Microsoft components that could allow malicious Web sites to seize control of them. The components at issue all rely on ActiveX <http://surfthenetsafely.com/activex.htm> , a Microsoft creation that is deeply woven into the Windows operating system and in Microsoft's Internet Explorer Web browser. ActiveX was designed to allow Web sites to develop interactive, multimedia-rich pages, but such powerful features rarely ever come without security trade-offs. ... _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Research: Buggy, Flawed 'ActiveX' Controls Pervasive Richard M. Smith (Jan 31)