

Guest wsxedcrfv

Microsoft Security Advisory (972890)

There are 8 more KILLBIT entries included in this REG file than in the one Queue posted...

Yea I saw those too, but for some reason the MSI does not add them when it installs :blink:

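
Added example, not part of the original thread or of any file posted in it: a way to compare the kill-bit entries in two REG files, as the post above does by hand. It relies on IE's kill bit being the `0x400` bit of the `Compatibility Flags` value under `ActiveX Compatibility\{CLSID}`; the CLSIDs and the `entry`, `killbit_clsids` and `compare` names are constructed for illustration.

```python
import re

KILL_BIT = 0x400  # bit in "Compatibility Flags" that blocks IE from loading the control
PREFIX = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility"

# Key line for one control; Wow6432Node covers the 32-bit view on 64-bit Windows.
KEY_RE = re.compile(
    r"^\[HKEY_LOCAL_MACHINE\\SOFTWARE\\(?:Wow6432Node\\)?Microsoft\\"
    r"Internet Explorer\\ActiveX Compatibility\\(\{[0-9A-F-]{36}\})\]$",
    re.IGNORECASE,
)
FLAGS_RE = re.compile(r'^"Compatibility Flags"=dword:([0-9A-F]{1,8})$', re.IGNORECASE)


def killbit_clsids(reg_text):
    """Return the CLSIDs (upper-cased) whose kill bit is set in decoded .reg text."""
    found, current = set(), None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            # Any other key, including a "[-HKEY...]" deletion, resets the context.
            m = KEY_RE.match(line)
            current = m.group(1).upper() if m else None
            continue
        m = FLAGS_RE.match(line)
        if current and m and int(m.group(1), 16) & KILL_BIT:
            found.add(current)
    return found


def compare(reg_a, reg_b):
    """Diff the kill-bit CLSID sets of two .reg files."""
    a, b = killbit_clsids(reg_a), killbit_clsids(reg_b)
    return {"only_in_a": sorted(a - b), "only_in_b": sorted(b - a), "common": sorted(a & b)}


def entry(n, flags):
    """Build one constructed .reg entry; these CLSIDs are placeholders, not real controls."""
    return '[%s\\{00000000-0000-0000-0000-%012d}]\n"Compatibility Flags"=dword:%08x\n\n' % (
        PREFIX, n, flags)


HEADER = "Windows Registry Editor Version 5.00\n\n"
REG_A = HEADER + entry(1, 0x400) + entry(2, 0x400)
# REG_B adds one kill-bitted CLSID and one entry whose flags lack the kill bit.
REG_B = HEADER + entry(1, 0x400) + entry(2, 0x400) + entry(3, 0x400) + entry(4, 0)

if __name__ == "__main__":
    print(compare(REG_A, REG_B))
```

Files exported by regedit as "Version 5.00" are normally UTF-16, so decode them (for example `open(path, encoding="utf-16")`) before passing the text in.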

Why are there so many CLSIDs?

If we're dealing with just one control, why not just one CLSID kill-bit entry?

Probably lots of different versions, or the control has a lot of entry points (each exposed COM interface needs a class ID).


That is what would be considered a knee-jerk reaction. The severity of their killbit bypass isn't clear, nor is it (currently) seeing widespread exploitation, nor is it known if it affects 9x systems.

Queue


Wow, yeah, I guess that's what today's out-of-band Microsoft security updates were for (to fix killbits).

Killbits are dead: http://www.hustlelabs.com/bh2009preview/

Bottom line, don't use IE, or any app that embeds its runtime, for going online.

Wow, way to jump to conclusions. Want a mat? ;) The vulnerability is in the ATL code used when building COM components in Visual Studio (all the way back to VC6), not IE - the fix is so that IE won't load any controls that ARE vulnerable. Note that any application that loads C/C++ code built with ATL that is vulnerable, is vulnerable.

