| By Ryan Russell |
If you use Internet Explorer 7, some of your ActiveX controls may make your system susceptible to a drive-by browser attack.
Now you can find and disable these unsecured controls by running a free program, though you may not want to disable all of them.
The care and feeding of ActiveX killbits
When Microsoft wants to disable an ActiveX control that makes Internet Explorer vulnerable to attack, the company releases a killbit as part of a security bulletin. This TechNet article describes how killbits work by editing the Registry.
As far as I know, the standard security tools don’t check specifically for vulnerable ActiveX controls. Nor do they let you manage the killbits for them. Errata Security’s free AxBan does just that.
Errata Security is a small company founded by a couple of friends of mine, Robert Graham and David Maynor. (I have no financial interest in the company.) In addition to whatever consulting services and commercial products the company offers, it has been putting out some nice free security tools. The utilities may lack polish, but they are highly useful.
To try AxBan, simply download it to any directory and run it. There’s no installer. Click OK at the warning, and then click the ActiveX tab. Any lines in red are installed ActiveX controls that have (or at one time had) some security problem. You don’t necessarily want to killbit everything, however.
Knowing what to killbit and what not to killbit
On my Windows XP system, AxBan identified my Flash and QuickTime plug-ins as being installed and not killbitted. This is accurate. In my case, I don’t wish to killbit those players because I use them. I did make sure they’re patched, though.