In association with heise online

09 May 2008, 11:23

Helper program for setting kill bits

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

AxBan, a tool provided as a free download by security expert David Maynor, can set kill bits for ActiveX controls containing known security vulnerabilities, thus stopping Internet Explorer from loading these controls and reducing the risk of attacks using crafted web pages.

Zoom AxBan finds vulnerable ActiveX controls and can set their kill bits

AxBan contains a list of vulnerable ActiveX controls maintained by Maynor and can set the kill bit for these controls with just a single click. The list currently includes 14 ActiveX controls in which security vulnerabilities have been found and for which demo exploits have been published on milw0rm. These include the recently reported holes in the Microsoft Works and RealPlayer ActiveX controls.

Although the Microsoft knowledge base does provide instructions for setting kill bits, the process described involves directly editing the registry. This can be a dangerous exercise for non-technical users. AxBan helps minimise the risk of registry damage. Maynor plans to update AxBan as new vulnerabilities in ActiveX controls are discovered. The tool requires the .Net framework 2.0.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit