Re: New attack kit targets bag of ActiveX bugs

[security curmudgeon <jericho () attrition org>]

: The bad guys are now doing what I was worried about which is to rattle 
: the door a bunch of times to see which insecure ActiveX control will let 
: them inside someone's computer.  Many ActiveX controls also can't be 
: automatically updated by vendors with security fixes.  It's up to users 
: to learn about and manually install patches.
: 
: One solution to the problem is to have an industry-wide list of known 
: bad controls that is published on the Internet.  Security products can 
: then use this kill list to disable bad ActiveX controls which are hidden 
: away on many of our computers.

OSVDB.org tracks the CLSID associated with ActiveX controls when possible, 
even though the field that contains it isn't visible on many entries 
(searching for a CLSID will find it if we have it).

One of our wish-list items is exactly what you describe above, 
auto-generated from our database nightly.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.