
Internet Explorer will block outdated ActiveX controls.

The Internet Explorer development team has announced another security feature, Out-of-date ActiveX control blocking, which will help users protect themselves against drive-by download attacks. It is an additional security option for browser versions 8-11 on Windows 7 SP1+ that blocks out-of-date IE plug-ins (those that use the ActiveX environment). From a security point of view, the feature is a so-called exploit mitigation: it protects against the 1-day exploits that hackers use to install malware automatically through exploit kits. The new security setting will appear in the browser with the next Patch Tuesday, i.e. August 12th.



A similar feature is included in EMET 5.0 and is called Attack Surface Reduction (ASR). ASR lets you block IE from playing Flash Player or Java content in untrusted IE zones, i.e., the Internet zone. The new Out-of-date ActiveX control blocking setting works on a similar principle, but it does not prohibit potentially unsafe browser plug-ins outright (see the ASR link), only those for which a newer version has already been released. Content rendered in Internet Explorer by plug-ins such as Java or Flash Player uses ActiveX, the mechanism Microsoft defines for embedding such content in a web page and playing it in IE. Depending on which version of the application the content requires, the browser decides, based on the new option, whether or not to show the user a warning.

Fig. The warning shown when the content to be played requires an outdated version of the application. The screenshot is taken from the MS post.

The IE developers clarify that, for now, this concerns blocking outdated versions of Oracle Java software. For this purpose the system file versionlist.xml will be used, to which versions of plug-ins or software will be added as needed (most likely Flash Player). In addition, to preserve compatibility for corporate users, the new security feature will not block outdated ActiveX controls in the corporate intranet zone (Local Intranet Zone) or the trusted zone (Trusted Sites Zone).
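The zone exemption means an outdated control can still load on intranet and trusted sites. The following added example (not Microsoft's code and not the real versionlist.xml format) models the decision described above and lists the loads that remain exposed; the `LATEST` table, version numbers and sample loads are constructed assumptions.

```python
# Added illustration: a constructed model of the policy described above.
# It is not Microsoft's implementation and does not parse the real versionlist.xml.

# Zones the article says are exempt from blocking.
EXEMPT_ZONES = {"Local Intranet", "Trusted Sites"}

# Hypothetical stand-in for versionlist.xml: control -> newest released version.
LATEST = {"Java": "1.7.0.65"}  # constructed value


def parse_version(text):
    """Turn '1.7.0.9' into (1, 7, 0, 9) so components compare as numbers."""
    return tuple(int(part) for part in text.split("."))


def is_outdated(control, installed):
    """True if the control is listed and a newer version has been released."""
    latest = LATEST.get(control)
    if latest is None:
        return False  # not listed: the feature does not act on this control
    a, b = parse_version(installed), parse_version(latest)
    width = max(len(a), len(b))  # pad so '1.7' equals '1.7.0.0'
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


def decide(zone, control, installed):
    """Return 'allow', 'warn', or 'allow-exempt' for one control load."""
    if not is_outdated(control, installed):
        return "allow"
    return "allow-exempt" if zone in EXEMPT_ZONES else "warn"


def residual_exposure(loads):
    """Loads where an outdated control still runs because of the zone exemption."""
    return [load for load in loads if decide(*load) == "allow-exempt"]


# Constructed sample: (zone, control, installed version)
SAMPLE_LOADS = [
    ("Internet", "Java", "1.7.0.9"),
    ("Internet", "Java", "1.7.0.65"),
    ("Local Intranet", "Java", "1.7.0.9"),
    ("Trusted Sites", "Java", "1.7.0.60"),
    ("Internet", "Flash Player", "14.0.0.1"),
]

if __name__ == "__main__":
    for load in SAMPLE_LOADS:
        print(load, "->", decide(*load))
    print("still exposed:", residual_exposure(SAMPLE_LOADS))
```

Versions are compared component by component as integers; a plain string comparison would rank "1.7.0.9" above "1.7.0.65" and miss the outdated control.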

Earlier, we wrote that in June and July Microsoft released the MS14-035 and MS14-037 updates, which introduced additional security options against use-after-free (UAF) vulnerabilities.

be secure.

Source: https://habr.com/ru/post/232567/

