ActiveX is better off forever
There are so many holes in ActiveX modules on different sites that security experts recommend or edit ActiveX settings in the Windows registry (a special program is released to automatically wipe these CLSIDs from the registry), or completely disable this Internet Explorer extension. In other words, ActiveX technology is now officially considered malicious. Experts from the authoritative US Cyber Threat Response Center US-CERT (a division of the Department of National Security, which is used by government agencies and the government) said that the easiest way to counter the danger is to completely disable ActiveX in the browser.
The danger is serious because over the past few days several vulnerabilities have been found, each of which can be dangerous for millions of users. Five holes were found in the ActiveX-downloader of photos on Facebook and MySpace (the developer of the software module is Aurigma company), and two more in Yahoo Music Jukebox. It can be assumed that ActiveX-capable modules are also used on other popular sites. In 2006, 108 such vulnerabilities were detected in various ActiveX modules, in 2007 - already 237. Further, it will only get worse.
To completely disable ActiveX, you need to set the security level “High” in IE browser.
')
via Infoworld
The danger is serious because over the past few days several vulnerabilities have been found, each of which can be dangerous for millions of users. Five holes were found in the ActiveX-downloader of photos on Facebook and MySpace (the developer of the software module is Aurigma company), and two more in Yahoo Music Jukebox. It can be assumed that ActiveX-capable modules are also used on other popular sites. In 2006, 108 such vulnerabilities were detected in various ActiveX modules, in 2007 - already 237. Further, it will only get worse.
To completely disable ActiveX, you need to set the security level “High” in IE browser.
')
via Infoworld
Source: https://habr.com/ru/post/19912/
All Articles