funsec mailing list archives

Re: Microsoft: Ask us and we'll kill your ActiveX control

From: security curmudgeon <jericho () attrition org>
Date: Wed, 9 Apr 2008 21:00:08 +0000 (UTC)



: A lot of vendors should be speaking up here. ;-)  Secunia lists 335 
: security advisories that contain the word "ActiveX" in them:
: 
:    http://secunia.com/search/?search=activex

OSVDB lists 474.

We had a discussion recently on creating a better tracking system for 
ActiveX vulnerabilities, with the desire to list the CLSID as well. This 
list would allow administrators to set kill bits on any ActiveX that may 
impact their system/network. I opened a dev ticket (#420) yesterday 
afternoon to create this system ASAP, with a target of our May 5th 
deployment.

If anyone has ideas on how to better improve this system please contact me 
on or off list =)

Brian
OSVDB.org
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Microsoft: Ask us and we'll kill your ActiveX control Richard M. Smith (Apr 09)
- Re: Microsoft: Ask us and we'll kill your ActiveX control security curmudgeon (Apr 09)