Load ActiveX Controls on Vista Without Administrator Privileges

["Fergie" <fergdawg () netzero net>]

I agree with Bruce Schneier on this one -- this seems like a
really bad idea.

[snip]

Microsoft is adding a brand-new feature to Windows Vista to allow
businesses to load ActiveX controls on systems running without admin
privileges.

The new feature, called ActiveX Installer Service, will be fitted into
the next public release of Vista to provide a way for enterprises to
cope with the UAC (User Account Control) security mechanism.

UAC, formerly known as LUA (Limited User Account), is enabled by
default in Vista to separate Standard User privileges from those that
require admin rights to harden the operating system against malware and
malicious hacker attacks.

However, because UAC will block the installation of ActiveX controls on
Standard User systems, enterprise applications that use the technology
will encounter breakages. ActiveX controls are objects used to enhance
a user's interaction with an application.

[snip]

More:
http://www.schneier.com/blog/archives/2006/07/load_activex_co.html

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.