Executive Summary
Summary | |
---|---|
Title | Update Rollup for ActiveX Kill Bits |
Informations | |||
---|---|---|---|
Name | KB953839 | First vendor Publication | 2008-08-12 |
Vendor | Microsoft | Last vendor Modification | 2009-03-11 |
Severity (Vendor) | N/A | Revision | 1.3 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : | |||
---|---|---|---|
Cvss Base Score | Not Defined | Attack Range | Not Defined |
Cvss Impact Score | Not Defined | Attack Complexity | Not Defined |
Cvss Expoit Score | Not Defined | Authentication | Not Defined |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft is releasing a new set of ActiveX kill bits with this advisory. The update includes kill bits for the following third-party software:
For more information about installing this update, see Microsoft Knowledge Base Article 953839. General InformationOverviewPurpose of Advisory: Notification of the availability of an update of ActiveX kill bits. Advisory Status: Microsoft Knowledge Base Article and associated update were released. Recommendation: Review the referenced Knowledge Base Article and apply the appropriate update.
This advisory discusses the following software.
Frequently Asked QuestionsDoes this update replace the Cumulative Security Update of ActiveX Kill Bits (950760)? Do users with a Windows Server 2008 Server Core installation need to install this update? Why is Microsoft releasing this Update Rollup for ActiveX Kill Bits with a security advisory when previous kill bit updates were released with a security bulletin? Why does this advisory not have a security rating associated with it? Does this update contain kill bits that were previously released in a Cumulative Security Update of ActiveX Kill Bits? Does this update contain kill bits that were previously shipped in an Internet Explorer security update? What is a kill bit? For more information, see Microsoft Knowledge Base Article 240797: How to stop an ActiveX control from running in Internet Explorer. What is a security update of ActiveX kill bits? Why does this update not contain any binary files? Should I install this update if I do not have the affected component installed or use the affected platform? Do I need to reapply this update if I install an ActiveX control discussed in this security update at a later date? What does this update do? The following Class Identifiers relate to a request by Aurigma to kill bit a list of Class Identifiers that are vulnerable. Further details can be found in the advisory issued by Aurigma:
The following Class Identifiers relate to a request by HP to kill bit a list of Class Identifiers that are vulnerable. Further details can be found in the advisories (c01422264) and (c01439758) issued by HP:
Suggested ActionsReview the Microsoft Knowledge Base Article that is associated with this advisory Microsoft encourages customers to install this update. Customers who are interested in learning more about this update should review Microsoft Knowledge Base Article 953839. WorkaroundsWorkaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality:
|
Original Source
Url : http://www.microsoft.com/technet/security/advisory/953839.mspx |
Alert History
Date | Informations |
---|---|
2020-12-09 21:23:56 |
|
2020-12-08 21:24:01 |
|
2014-02-17 11:38:46 |
|
2014-01-19 21:29:41 |
|
2013-02-06 19:08:07 |
|