Executive Summary
Summary | |
---|---|
Title | Update Rollup for ActiveX Kill Bits |
Informations | |||
---|---|---|---|
Name | KB969898 | First vendor Publication | 2009-06-09 |
Vendor | Microsoft | Last vendor Modification | 2009-06-17 |
Severity (Vendor) | N/A | Revision | 1.1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : | |||
---|---|---|---|
Cvss Base Score | Not Defined | Attack Range | Not Defined |
Cvss Impact Score | Not Defined | Attack Complexity | Not Defined |
Cvss Expoit Score | Not Defined | Authentication | Not Defined |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft is releasing a new set of ActiveX kill bits with this advisory. The update includes a kill bit from a previously published Microsoft Cumulative Update:
The update also includes kill bits for the following third-party software:
For more information about installing this update, see Microsoft Knowledge Base Article 969898. General InformationOverviewPurpose of Advisory: Notification of the availability of an update of ActiveX kill bits. Advisory Status: Microsoft Knowledge Base Article and associated update were released. Recommendation: Review the referenced Knowledge Base Article and apply the appropriate update.
This advisory discusses the following software.
Frequently Asked QuestionsDo users with a Windows Server 2008 Server Core installation need to install this update? Why does this advisory not have a security rating associated with it? Does this update replace the Cumulative Security Update of ActiveX Kill Bits (950760)? Why is Microsoft releasing this Update Rollup for ActiveX Kill Bits with a security advisory when previous kill bit updates were released with a security bulletin? Does this update contain kill bits that were previously released in an Update Rollup for ActiveX Kill Bits? Does this update contain kill bits that were previously released in an Internet Explorer security update? What is a kill bit? For more information, see Microsoft Knowledge Base Article 240797: How to stop an ActiveX control from running in Internet Explorer. What is a security update of ActiveX kill bits? Why does this update not contain any binary files? Should I install this update if I do not have the affected component installed or use the affected platform? Do I need to reapply this update if I install an ActiveX control discussed in this security update at a later date? What does this update do? The following Class Identifiers relate to the MSCOMM32.OCX ATL Loader control addressed in the Microsoft Visual Basic 6.0 Service Pack 6 Cumulative Update (KB957924):
The following Class Identifier relates to a request by Microgaming to set the kill bit for a Class Identifier that is vulnerable. Further details can be found in the security release issued by Microgaming:
The following Class Identifier relates to a request by eBay to set the kill bit for a Class Identifier that is vulnerable. Further details can be found in the security release issued by eBay:
The following Class Identifier relates to a request by HP to set the kill bit for a Class Identifier that is vulnerable. Further details can be found in the security release issued by HP:
Suggested ActionsReview the Microsoft Knowledge Base Article that is associated with this advisory Microsoft encourages customers to install this update. Customers who are interested in learning more about this update should review Microsoft Knowledge Base Article 969898. WorkaroundsWorkaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality:
|
Original Source
Url : http://www.microsoft.com/technet/security/advisory/969898.mspx |
Alert History
Date | Informations |
---|---|
2014-02-17 11:38:47 |
|
2014-01-19 21:29:42 |
|
2013-02-06 19:08:08 |
|