ricktendo Posted July 11, 2009 Posted July 11, 2009 There are 8 more KILLBIT entries included in this REG file than in the one Queue posted...Yea I saw those too, but for some reason the MSI does not add them when it installs
cluberti Posted July 12, 2009 Posted July 12, 2009 Why are there so many CLSID's?If we're dealing with just one control, why not just one CLSID kill-bit entry?Probably lots of different versions, or the control has a lot of entry points (each exposed COM interface needs a class ID).
eidenk Posted July 28, 2009 Posted July 28, 2009 Killbits are dead : http://www.hustlelabs.com/bh2009preview/Bottom line, don't use IE, or any app that embeds its runtime, for going online.
Queue Posted July 28, 2009 Posted July 28, 2009 That is what would be considered a knee-jerk reaction. The severity of their killbit bypass isn't clear, nor is it (currently) seeing wide-spread exploitation, nor is it known if it affects 9x systems.Queue
Bleeder Posted July 28, 2009 Posted July 28, 2009 Wow, yeah, I guess that's what today's out-of-band Microsoft security updates were for (to fix killbits).
cluberti Posted July 28, 2009 Posted July 28, 2009 Killbits are dead : http://www.hustlelabs.com/bh2009preview/Bottom line, don't use IE, or any app that embeds its runtime, for going online.Wow, way to jump to conclusions. Want a mat? The vulnerability is in the ATL code used when building COM components in Visual Studio (all the way back to VC6), not IE - the fix is so that IE won't load any controls that ARE vulnerable. Note that any application that loads C/C++ code built with ATL that is vulnerable, is vulnerable.
Bleeder Posted July 30, 2009 Posted July 30, 2009 Thank you for clarifying. ComputerWorld is so very misleading
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now