Jump to content

Killbit

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Rexogamer (talk | contribs) at 12:40, 27 December 2021 (Adding short description: "Security feature in Microsoft browsers" (Shortdesc helper)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Killbit is a security feature in web browsers based on Microsoft's Trident engine (such as Internet Explorer) and other ActiveX containers that respect the killbit (such as Microsoft Office). A killbit instructs an ActiveX control container never to use a specific piece of ActiveX software, whether third-party or Microsoft, as identified by its class identifier (CLSID).

The main purpose of a killbit is to close security holes. If a vendor discovers that there is a security hole in a specific version of an ActiveX control, they can request that Microsoft put out a "killbit" for it. Killbit updates are typically deployed to Microsoft Windows operating systems via Windows Update.

Implementation

A flag in the Windows Registry identifies a CLSID as unsafe. The CLSID (a type of a GUID) acts as a serial number for the software in question. It must exist for each piece of software that behaves as an ActiveX control. If an ActiveX container finds that the CLSID of a killbit entry matches the CLSID of the software, the software is blocked from running in the ActiveX container. If a vendor wants to release an updated version then they release it with a different CLSID.

Internet Explorer's HTML application host also respects the killbit when processing the OBJECT tag in HTML, but not when processing scripts in HTML.

Stub icon

This security software article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Killbit&oldid=1062273621"