Killbit

Killbit is a security feature in web browsers based on Microsoft's Trident engine (such as Internet Explorer) and other ActiveX containers that respect the killbit (such as Microsoft Office). A killbit instructs an ActiveX control container never to use a specific piece of ActiveX software, whether third-party or Microsoft, as identified by its class identifier (CLSID).

The main purpose of a killbit is to close security holes. If a vendor discovers that there is a security hole in a specific version of an ActiveX control, they can request that Microsoft put out a "killbit" for it. Killbit updates are typically deployed to Microsoft Windows operating systems via Windows Update.

Implementation

A flag in the Windows Registry identifies a CLSID as unsafe. The CLSID (a type of a GUID) acts as a serial number for the software in question. It must exist for each piece of software that behaves as an ActiveX control. If an ActiveX container finds that the CLSID of a killbit entry matches the CLSID of the software, the software is blocked from running in the ActiveX container. If a vendor wants to release an updated version then they release it with a different CLSID.

Internet Explorer's HTML application host also respects the killbit when processing the OBJECT tag in HTML, but not when processing scripts in HTML.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.