Microsoft Internet Explorer contains a flaw that may allow a malicious user to bypass the kill bit settings for ActiveX controls. The issue is triggered when user visits a malicious web page that contains specially crafted HTML which would cause the killbit setting for ActiveX controls to be bypassed. It is possible that the flaw may allow to execute arbitary code with user privileges.
Classification
Location:
Remote/Network Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity
Exploit:
Exploit Unknown
Disclosure:
OSVDB Verified
Technical
If a security flaw is discovered in an ActiveX control, the control may be disabled in Internet Explorer. This is accomplished by setting the "kill bit" for the control, as described in Microsoft Knowledge Base article 240797. Before instantiating an ActiveX control, Internet Explorer will check the value of the Compatibility Flags registry entry. If the value is DWORD 00000400, Internet Explorer will not use the control. It is not uncommon to proactively set kill bits for known malicious ActiveX controls as part of a spyware-prevention effort. For example, the SpywareGuide website used to provide a freely downloadable .REG file for setting kill bits of many "dubious" ActiveX controls.
Solution
Microsoft has released a patch to address this issue. Additionally, it is possible to correct the flaw by implementing the following workaround(s): Stop ActiveX control from running in Internet Explorer.
I have just read the entire description of the ActiveX sytem structure and am flabergasted. I am not a computer developer but rather a secular humanist. Aplets are uniquely discerned and applied in accordance with the laws of nature and gravity making a diverse system of infinite potential. ActiveX is the doppelganger, disolving deductive reasoning and racing towards a speedy eclipse of our facility and syntaxits scary
