Security's Everyman

Security's Everyman

Tuesday, February 05, 2008

ActiveX Vulnerabilities

As many of you are aware Symantec recently announced that several ActiveX vulnerabilities exist that have to do with image uploaders in many social network sites. The current recommended fix is to set the kill bit on each of the CLSID's. If you have ever done this manually it can be time consuming if you have several machines to do it on. The other option is to make the changes on one system and then export those registry keys out and import them to the other machines.

One of the SANS Handlers, Tom Listen, has released a tool that will allow you to manually make these changes via either GUI or CLI. I've tested both and find them to be very easy to use and a time saver. The command line version probably can be used via script or pushed out via AD although I have not tried this.

If you are interested in giving it a try you can find his write up and download the tool here.

Creative Commons License
This work is licensed under a Creative Commons Attribution-NC-SA 3.0.