Security Corner

May 11 2008   2:07PM GMT

No-Hassle Way to Kill ActiveX Controls

Ken Harthun Ken Harthun Profile: Ken Harthun

ActiveX has always been a weak point in IE. The majority of browser plug-in vulnerabilities are ActiveX based. Microsoft realizes this and has a method to disable certain problematic ActiveX controls. But Microsoft’s method involves setting the kill bit by editing the registry and in order to discover the CLSID (Class ID) of the control you want to disable, you may have to uninstall others. In short, it’s a messy way to do things.

Errata Security to the rescue. They’ve created AxBan, a free tool to set the kill bit on known bad ActiveX controls. Errata promises that they’ll “be updating it as needed with new CLSIDs on an as needed basis.” AxBan is a single, small (45.5 KB), standalone executable that contains a list of known dangerous ActiveX controls. It highlights in red any you have installed on your system and gives you a button to set the kill bit. Be careful, though–there isn’t an “undo” button. Once you set the kill bit, if you find you’ve made a mistake, you’ll have to edit the registry to unset it.

Nevertheless, it’s a handy tool to have in your security arsenal

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: