Killbit is a security feature in web browsers based on Microsoft's Trident engine (such as Internet Explorer) and other ActiveX containers that respect the killbit (such as Microsoft Office). A killbit instructs an ActiveX control container never to use a specific piece of ActiveX software, whether third-party or Microsoft, as identified by its class identifier (CLSID).
The main purpose of a killbit is to close security holes. If a vendor discovers that there is a security hole in a specific version of an ActiveX control, they can request that Microsoft put out a "killbit" for it. Killbit updates are typically deployed to Microsoft Windows operating systems via Windows Update.
Implementationedit
A flag in the Windows Registry identifies a CLSID as unsafe. The CLSID (a type of a GUID) acts as a serial number for the software in question. It must exist for each piece of software that behaves as an ActiveX control. If an ActiveX container finds that the CLSID of a killbit entry matches the CLSID of the software, the software is blocked from running in the ActiveX container. If a vendor wants to release an updated version then they release it with a different CLSID.
Internet Explorer's HTML application host also respects the killbit when processing the OBJECT tag in HTML, but not when processing scripts in HTML.
External linksedit
Microsoft KB240797: How to stop an ActiveX control from running in Internet Explorer (August 24, 2007)
: The Kill-Bit FAQ
This security software article is a stub. You can help Wikipedia by expanding it.
killbit, this, article, does, cite, sources, please, help, improve, this, article, adding, citations, reliable, sources, unsourced, material, challenged, removed, find, sources, news, newspapers, books, scholar, jstor, august, 2013, learn, when, remove, this, . This article does not cite any sources Please help improve this article by adding citations to reliable sources Unsourced material may be challenged and removed Find sources Killbit news newspapers books scholar JSTOR August 2013 Learn how and when to remove this message Killbit is a security feature in web browsers based on Microsoft s Trident engine such as Internet Explorer and other ActiveX containers that respect the killbit such as Microsoft Office A killbit instructs an ActiveX control container never to use a specific piece of ActiveX software whether third party or Microsoft as identified by its class identifier CLSID The main purpose of a killbit is to close security holes If a vendor discovers that there is a security hole in a specific version of an ActiveX control they can request that Microsoft put out a killbit for it Killbit updates are typically deployed to Microsoft Windows operating systems via Windows Update Implementation editA flag in the Windows Registry identifies a CLSID as unsafe The CLSID a type of a GUID acts as a serial number for the software in question It must exist for each piece of software that behaves as an ActiveX control If an ActiveX container finds that the CLSID of a killbit entry matches the CLSID of the software the software is blocked from running in the ActiveX container If a vendor wants to release an updated version then they release it with a different CLSID Internet Explorer s HTML application host also respects the killbit when processing the OBJECT tag in HTML but not when processing scripts in HTML External links editMicrosoft KB240797 How to stop an ActiveX control from running in Internet Explorer August 24 2007 Microsoft Technet The Kill Bit FAQ nbsp This security software article is a stub You can help Wikipedia by expanding it vte Retrieved from https en wikipedia org w index php title Killbit amp oldid 1186222133, wikipedia, wiki, book, books, library,
