• Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Phishing
    • Ransomware
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

MyAntiSpyware

Menu
  • Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Phishing
    • Ransomware
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

Microsoft Internet Explorer does not honor ActiveX kill bit

Myantispyware team January 29, 2006    

A specially crafted HTML document can cause Internet Explorer to skip the kill bit check. This means that any ActiveX control that has been disabled solely through use of the kill bit may still be used by Internet Explorer.

A kill bit is a registry setting that prevents Internet Explorer from running the corresponding ActiveX control even if the control is installed on the system. It is not uncommon to proactively set kill bits for known malicious ActiveX controls as part of a spyware-prevention effort. For example, the SpywareGuide website provides a freely downloadable .REG file for setting kill bits of many “dubious” ActiveX controls.

How to protect

Apply the update

Install the 905915 update (MS05-054) or a more recent Internet Explorer cumulative security update.

Disable ActiveX

Disabling ActiveX controls in the Internet Zone (or any zone used by an attacker) appears to prevent exploitation of this vulnerability. Instructions for disabling ActiveX in the Internet Zone can be found in the document Securing Your Web Browser and the Malicious Web Scripts FAQ.

Note that disabling ActiveX controls in the Internet Zone will reduce the functionality of some web sites.

Use a different web browser

There are a number of significant vulnerabilities in technologies involving the IE domain/zone security model, local file system (Local Machine Zone) trust, the Dynamic HTML (DHTML) document object model (in particular, proprietary DHTML features), the HTML Help system, MIME type determination, the graphical user interface (GUI), and ActiveX. These technologies are implemented in operating system libraries that are used by IE and many other programs to provide web browser functionality. IE is integrated into Windows to such an extent that vulnerabilities in IE frequently provide an attacker significant access to the operating system.

It is possible to reduce exposure to these vulnerabilities by using a different web browser, especially when viewing untrusted HTML documents (e.g., web sites, HTML email messages). Such a decision may, however, reduce the functionality of sites that require IE-specific features such as proprietary DHTML, VBScript, and ActiveX. Note that using a different web browser will not remove IE from a Windows system, and other programs may invoke IE, the WebBrowser ActiveX control (WebOC), or the HTML rendering engine (MSHTML).

Tips

 Previous Post

Netscape 8.1 adds spyware scanner, bundles

Next Post 

kbhook.dll – keylogger ?

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

Leave a Reply Cancel reply

New Guides

Jezidexp.com MrBeast $1111? Fake Promo Code Scams Exposed
scam alert
Feastax.com Review, FREE $3,000 Scam, Fake MrBeast Promo Codes
Anchomoross.com Virus Removal Guide
scam alert
Fake or Real? You Visited Some Hacked Websites With Exploit Email Scam Explained
scam alert
Spotify Can’t Process Your Payment Scam Alert: A Phishing Email to Avoid

Follow Us

Search

Useful Guides

Best free malware removal tools
Best Free Malware Removal Tools 2025
DNSChanger
How to remove DNSChanger malware virus [Updated Apr. 2018]
ads by adware
How to remove Adware from Windows 10 (Virus removal guide)
Tech Support Scam
Remove Tech Support Scam pop-up virus [Microsoft & Apple Scam]
adwcleaner
AdwCleaner – Review, How to use, Comments

Recent Guides

Netscape 8.1 adds spyware scanner, bundles
Windows Defender Beta 2
New version GPCode virus
New trojan download spammed
Spybot S&D Update 27 January 2006

Myantispyware.com

Myantispyware has been a trusted source for computer security and technology advice since 2004. Our mission is to provide reliable tech guidance and expert, practical solutions to help you stay safe online and protect your digital life.

Social Links

Pages

About Us
Contact Us
Privacy Policy

Copyright © 2004 - 2024 MASW - Myantispyware.com.