DaniWeb IT Discussion Community

DaniWeb IT Discussion Community (http://www.daniweb.com/forums/index.php)
-   Web Browsers (http://www.daniweb.com/forums/forum29.html)
-   -   IE Web Page Active X Security Updates - Explained (http://www.daniweb.com/forums/thread34835.html)

! ! Nov 4th, 2005 9:33 pm
IE Web Page Active X Security Updates - Explained
 
The two most recent IE security updates, MS05-038 and MS05-052, include defense-in-depth improvements that help prevent malicious web pages from loading and manipulating ActiveX controls that were not meant to run in IE. Prior to MS05-038 and MS05-052, IE included two main security checks around whether an ActiveX control can load and be manipulated by a web page:
  1. Only allow ActiveX controls to load if they are not in the registry-stored “killbit� list
  2. Only allow loaded ActiveX controls to be manipulated if they have implemented IObjectSafety and therefore “promised� they can be safely scripted
http://blogs.msdn.com/ie/archive/2005/11/04/489256.aspx


All times are GMT -4. The time now is 6:56 am.

Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC