Previous
Cyber-commerce Threatened By Malicious Code
News For anyone browsing the Net, opening up a Java applet or ActiveX control could result in malicious mobile code attacking files and wiping out systems. Any time someone clicks on to a dynamic aspect of a web page, the chances are it will be a Java...
[October 27, 1998, 15:02]
'Survivor' Site Contains Malicious Code
News The Trojans take advantage of known exploits in Microsoft ActiveX, Internet Explorer and Java virtual machine. The site, owned by a party that has licensed the word "survivor" in a top-level US domain -- not linked to the television network...
[May 13, 2004, 10:35]
Microsoft Patch Tuesday Brings Six Critical Updates
News The arbitrary file download vulnerability in ActiveX could be exploited if the user visits a web page containing malicious code, Microsoft warned. In Security Bulletin MS08-041, Microsoft warned that attackers could further use the internet to...
[August 13, 2008, 12:31]
Microsoft Goes On A Bug Hunt
News The problem lies in an ActiveX control called MS Active Setup, which can automatically install Microsoft-authenticated code onto a Windows-based machine. Someone could use this ActiveX bug to put one of these components on your machine, which then...
[February 29, 2000, 10:44]
Sony Rootkit Remover On The Rocks
News The flaw in Sony's uninstall software was based on an ActiveX progam installed on hard drives, which allowed Web sites to run malicious code automatically in the Internet Explorer Web browser. Some security experts are advising people who think...
[November 17, 2005, 8:40]
Microsoft Warns On Windows And Server Security
News Microsoft said the first new flaw discovered exploits a problem with ActiveX, the Microsoft technology that lets programs interact with Web sites and applications. Microsoft rated the ActiveX exploit as critical for desktop operating systems but...
[October 4, 2002, 8:33]
Experts Warn On 'unpatched' Vulnerability
News Chuawiwat suggests users disable ActiveX controls and plug-ins until Microsoft issues a patch that fixes the vulnerability. For most enterprises there's no need for ActiveX so it should be disabled," he said.
[September 29, 2003, 9:10]
Microsoft Launches Critical IE Patches
News This "compatibility patch" is specifically designed for businesses that may have homegrown applications that use ActiveX, Microsoft has said. MS06-014 is related to a specific ActiveX control and MS06-015 deals with a bug in Windows Explorer.
[April 12, 2006, 9:20]
ActiveX Flaw Exposes Flash Users To Hackers
News Marc Maiffret, chief hacking officer at eEye, attributed the Macromedia Flash flaw to a buffer overflow vulnerability connected to an ActiveX control called Flash.ocx. An exploit has been discovered in Macromedia's Flash player that could let...
[May 3, 2002, 15:56]
Messaging Hygiene At Microsoft: How Microsoft IT Defends Against Spam, Viruses, And E-mail Attacks
White Papers The prevalence of spam, phishing and malicious code (including viruses, worms, Trojan horses, macros, scripts, and unauthorized ActiveX controls) continues to be a growing concern for anyone who connects to the Internet or uses e-mail.
[June 2, 2006, 1:00]
Browser Fortress Online Privacy, Security & Anonymity
Downloads Block pop-ups, erase cookies instantly, and block ActiveX controls, which can harbor malicious code (viruses); most sites will function properly with ActiveX Controls disabled. Block invasive code (JavaScript); though JavaScript can provide helpful...
[March 26, 2004, 5:01]
Code Signing Best Practices
White Papers Earlier versions of Windows used digital signatures to discourage users from installing anonymous Microsoft ActiveX controls, download packages, executable files, and drivers from untrusted sources. Microsoft is committed to implementing new ways...
[November 22, 2006, 0:00]
AntiHook Windows 2000/XP/2003 Server
Downloads BHOs, ActiveX), malware modifying the memory space of an external application and executing malicious code, kernel rootkits that maliciously alter the Windows operating system, registration of programs for loading on PC start-up or when the user...
[August 30, 2006, 21:46]
Finjan Plans Applet Blocking Dominance
News Finjan's technology for inspecting and blocking malicious ActiveX and Java applets is quickly becoming a standard with Cisco recently joining Finjan's Java Security Alliance (JSA) and saying it will integrate Finjan code in its firewall product line.
[August 26, 1997, 10:29]
Microsoft Blames Users For Vista Infections
News If I, despite all prompting and consent behaviour, choose to go to a (probably dodgy) website, accept the ActiveX control prompts to download (probably dodgy) code and I actually choose to execute that code then I'm hosed.
[May 15, 2008, 13:58]
New Hotmail Hole Discovered
News While it's long been known that active Web applets, whether written in ActiveX or Java, have the potential to pry open systems from the inside, this is the first case in which someone has shown that Hotmail is vulnerable to such attacks.
[September 14, 1999, 9:06]
Worms Sing An Ode To Security
News Inserting URLs into your digital media files and embedding the Windows Media Player ActiveX control in a Web page results in a powerful, synchronised presentation that is organised and convenient for your audience," reads a Microsoft Web page on...
[February 27, 2002, 14:13]
ActiveX 'feature' Puts Office At Risk
News The issue relates to the ability to load ActiveX controls in an Office document and is not a vulnerability but an Office feature, a Microsoft representative said. An ActiveX control is a small application typically used to make Web sites more...
[June 23, 2006, 8:55]
Microsoft Patches Serious IE Flaws
News The browser security update will make it impossible to run older versions of an ActiveX control released by the record label. One of the other flaws is also deemed critical, but Microsoft said it is not aware of any malicious code that takes...
[December 14, 2005, 9:00]
Symantec Closes NIS Back Door
News The flaw occurs in an ActiveX component used by security firm Symantec's flagship desktop security program, Norton Internet Security, according to an advisory published by research firm NGSSoftware. Symantec's Antispam software has a similar issue...
[March 22, 2004, 8:45]
