Home > IT Blogs > Security Bytes > Latest ‘month-of’ project targets ActiveX flaws
>>VIEW ALL POSTS  

Security Bytes

« Congress demands answers on DHS network security
Podcast: Security Roundtable »
May 3 2007   7:21AM GMT

Latest ‘month-of’ project targets ActiveX flaws



Posted by: Bill Brenner
Security Vendor News, Security Management

Here’s some good news for those of you who like all these “month-of” flaw disclosure projects: There’s a new one that focuses on ActiveX vulnerabilities.

Of course, this is bad news for those who believe such projects do nothing but generate publicity for researchers and lead to more attacks.

On the Month of ActiveX Bugs (MoAxB) Web site, a researcher using the name “shinnai” says most of the flaws to be unveiled will be denial-of-service issues that can cause the running application and/or Windows to crash. The researcher says the goal is to make people more aware of the risks in ActiveX controls.

This latest project comes on the heels of such previous events as the Month of Apple Bugs, Month of Kernel Bugs and Month of Browser Bugs.

Advocates of such projects say they raise awareness of threats and force vendors to take them more seriously. Opponents say the projects are more about publicity for the researcher than about better security.

Technorati Tags: , ,

  Bookmark and Share     Comment     RSS Feed     Email a friend

Comment on this Post


You must be logged-in to post a comment. Log-in/Register

Security Bytes » New ‘Month-of’ project targets search engine flaws  |   May 21 2007   8:59AM GMT

[...] A lot of security pros dismiss the recent flood of “month-of” flaw disclosure projects as PR stunts rather than a vehicle for better security. But such criticism isn’t stopping people from launching more of them. [...]