Killbit

Killbit is a security feature in web browsers based on Microsoft's Trident engine (such as Internet Explorer) and other ActiveX containers that respect the killbit (such as Microsoft Office). A killbit instructs an ActiveX control container never to use a specific piece of ActiveX software, whether third-party or Microsoft, as identified by its class identifier (CLSID).

The main purpose of a killbit is to close security holes. If a vendor discovers that there is a security hole in a specific version of an ActiveX control, they can request that Microsoft put out a "killbit" for it. Killbit updates are typically deployed to Microsoft Windows operating systems via Windows Update.

Implementation

A flag in the Windows Registry identifies a CLSID as unsafe. The CLSID (a type of a GUID) acts as a serial number for the software in question. It must exist for each piece of software that behaves as an ActiveX control. If an ActiveX container finds that the CLSID of a killbit entry matches the CLSID of the software, the software is blocked from running in the ActiveX container. If a vendor wants to release an updated version then they release it with a different CLSID.

Internet Explorer's HTML application host also respects the killbit when processing the OBJECT tag in HTML, but not when processing scripts in HTML.

gollark: Do you really want to go there? *Really*?

gollark: Skynet has:- very simple publish/subscribe mechanism- actual protocol documentation- good performance- working client codeSPUDNET has:- vastly complicated node.js monolith which fails to scale- client code rewritten repeatedly because it's more complex and needs different environment things- documentation scattered across random Discord channels, some of which doesn't mention important features, plus similarly scattered code samples- 17249182649124 kilofeatures such as private channels, comm mode, the reporting system, HTTP-only mode- better acronym- potatOS

gollark: It's outdated, SPUDNET is better anyway.

gollark: No, I made skynet, for purposes.

gollark: https://github.com/osmarks/skynet

External links

Microsoft KB240797: How to stop an ActiveX control from running in Internet Explorer (August 24, 2007)
Microsoft Technet: The Kill-Bit FAQ

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.