Access交流网
  • 设为首页|收藏本站|繁体中文|手机版
  •     
  • Access培训-Access开发平台-Access行业开发

  • 首页
  • 资讯
  • 技巧
  • 源码
  • 行业
  • 资源
  • 产品
  • 活动
  • 培训
  • 招聘
  • 论坛
  • 商城
  • 关于

技巧

ACCESS数据库

启动/设置/选项/背景

修复/压缩

安全/加密/解密

快捷键

版本升级/其它等

数据表

命名方式/设计规范

表设计

查询

Sql语言基础

选择查询

更新查询

删除查询

追加查询

生成表查询

交叉表查询

SQL特定查询

查询参数

查询综合应用

界面/窗体/控件

标签

文本框

命令按钮

组合框/列表框

选项组/复选框/选项按钮

选项卡

子窗体

窗体本身/综合应用

其它

报表打印

报表设计

高级报表

模块/函数/VBA/API/系统

VBA基础

内置函数

调试/跟踪/Debug

模块/类模块

API/COM/系统相关

字符数字日期

网络通信游戏

加密解密安全

文件处理

经典算法

宏/菜单/工具栏/功能区

宏/脚本

菜单/工具栏

功能区/Ribbon

图表/图形/图像/多媒体

图表

图形/图像

音频

视频/动画

DAO/链接表/ADO/ADP

DAO/链接表/ODBC

ADO/RDO

ADP

ActiveX/第三方控件/插件

Treeview树控件

ListView列表控件

Toolbar工具栏控件

微软其它控件

Dbi-Tech

CodeJock

Grid++Report

FastReport

ComponentOne

加载项/插件/Addin

OFFICE集成/导入导出/交互

Excel导入导出/交互

Word导入导出/交互

PPT交互

Outlook控制/邮件

Text文本文件/INI/CSV

PDF/SWF/XML格式

CAD格式

Sharepoint/其它Office

SqlServer/其它数据库

表

视图

存储过程/触发器

函数

用户/权限/安全

调试/维护

SqlServer其它/综合

发布/打包/文档/帮助

开发版/运行时

打包/发布/部署

开发文档/帮助制作

Access完整行业系统

采购管理系统

销售管理系统

仓库管理系统

人力资源管理HRM

CRM管理系统

MRP/ERP管理系统

BRP/流程优化

其它管理系统

心得/经验/绝招
其它/杂项
Excel技巧

Excel应用与操作

Excel开发编程

Word技巧

Word应用与操作

Word开发编程

Outlook技巧

Outlook应用与操作

Outlook开发编程

热门文章

  • The Kill-Bit FAQ: Part 3 o..
  • datagrid想得到所在..
  • Access的Treevi..
  • [技巧]如何导出Image..
  • Access Treevi..
  • TreeView控件使用教..

最新文章

  • 在Access中使用Fon..
  • 完美解决“无法装载这个对象..
  • 快速学习Treeview树..
  • 一个可免注册的Access..
  • Access如何添加引用及..
  • 锐浪报表(Grid++Re..

联系方式

Access交流网

电  话:0760-88315075
热  线:0760-88315075

邮  编:528463
咨询QQ:1918333016
营销QQ:4008553990

Email:1918333016@qq.com

网  址:www.access-cn.com

当前位置:首页 > 技巧 > ActiveX/第三方控件/插件
ActiveX/第三方控件/插件

The Kill-Bit FAQ: Part 1 of 3

原文: http://blogs.technet.com/b/srd/archive/2008/02/06/the-kill_2d00_bit-faq_3a00_-part-1-of-3.aspx


It is very common for Microsoft security bulletins to include “Kill-Bits” to disable individual ActiveX controls / COM objects. Here is the first part of a three-part FAQ we have developed to answer some questions around the Kill-Bit and related functionality.

The Kill-Bit FAQ – Part 1 of 3

What is the Kill-Bit?

The Kill-Bit (a.k.a. “killbit”) is not actually a bit. The Kill-Bit is a registry entry for a particular CLSID that marks the COM object / ActiveX control referenced by that CLSID as non-loadable in the browser and other scriptable environments. Microsoft releases Kill-Bits in security updates to block vulnerable ActiveX controls and COM objects which are vulnerable to security flaws when hosted in the browser.

Issuing a Kill-Bit for the control marks that particular control as forbidden to instantiate in the browser. Issue a Kill-Bit by setting the Compatibility Flags value to 0x400 for a control in the registry as described in KB Article 240797.

Where are Kill-Bits in the registry?

Kill-bits are located in the registry: 
x86 IE / x86 OS: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\CLSID of the ActiveX control

x64 IE / x64 OS: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\CLSID of the ActiveX control

x86 IE / x64 OS: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\CLSID of the ActiveX control

(3/11/2009 Update: added detail on x86 / x64 scenarios)

clip_image002

 

Warning - Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Modify the registry at your own risk.

Note that not all CLSIDs listed in this location are killed, only controls containing 0x400 in the Compatibility Flags DWORD value. The acceptable values for Compatibility Flags are documented here. 
If you are setting a Kill-Bit, you may want to ensure that you don’t wipe out any existing Compatibility Flags set for the CLSID being killed. If you are removing a CLSID, to preserve any pre-existing Compatibility Flags, subtract 0x400 from the Compatibility Flags DWORD value and only remove the CLSID key if the Compatibility Flags value was set to 0x400 exactly.

What applications respect the Kill-Bit?

The Kill-Bit is respected in Internet Explorer (all zones) and also in Microsoft Office scenarios where objects are embedded within documents. The Kill-Bit should also be effective by default in any other application or platform that hosts the IE browser’s rendering engine (MSHTML). A notable exception are HTAs – with an HTA it is already possible to load unsafe controls and run arbitrary code. HTAs are an unsafe file type.

(3/11/2009 Update: HTAs do currently respect the Kill-Bit for objects instantiated via the OBJECT tag.  The Kill-Bit is not respected when HTAs instantiate objects in script.  Thanks to Nicolas Noakes for reporting this. The Kill-Bit behavior within HTAs may change in the future to become more consistent.)

A control could conceivably have a flaw so severe that a Kill-Bit does not effectively block all attack vectors. For example, imagine a control that is found to implement a web server which suffers from a buffer overrun in the code responsible for parsing web requests. In this case, a code fix must be issued – simply implementing a Kill-Bit will not provide a comprehensive solution because any application which uses the control is exposed to the vulnerability.

If an application or platform hosts controls and allows those controls to effectively be driven by untrusted data, that environment should respect Safe for Scripting, Safe for Initialization and Kill-Bit logic. Otherwise, the environment should provide some other equivalently or more restrictive policy, such as an allow-list of known-good scriptable objects.

Why does my vulnerable control / object need a Kill-Bit?

Kill-Bits must be issued to prevent old / vulnerable signed versions of controls from being effectively foisted on users. Even if a user has a fixed version of the control on their system, a renamed / signed DLL or OCX served from a malicious web page could revert their machine to an insecure state.

Additionally, the “Always trust content from…” checkbox on the Authenticode dialog box, if checked for a particular trusted publisher, could allow old / vulnerable signed versions of controls to install silently. Otherwise, the victim of such an attack would be presented with an Authenticode dialog from a presumably trustworthy publisher. Once the old / vulnerable control is installed, the attacker can immediately script to it.

Kill-Bits are effective regardless of their origin but obviously wider distribution of a Kill-Bit ensures more comprehensive protection. If you would like Microsoft to distribute a Kill-Bit in Windows on your behalf, contact the MSRC and include details on the CLSID(s) in question.

What is the relationship between an OBJECT tag’s CLSID and CODEBASE attributes?

It is possible to specify any CLSID paired with any CODEBASE in an OBJECT tag. If that CLSID isn’t already registered, IE will attempt to download the control specified in the CODEBASE attribute of the OBJECT tag. It isn’t feasible for IE to know what control a package installs before that package is actually installed.

Will controls with the Kill-Bit still load in other applications?

Yes. See “What applications respect the Kill-Bit?” above.

Is it still possible to download and install an ActiveX control with the Kill-Bit?

Yes. Setting the Kill-Bit on a control only affects that control’s ability to instantiate within Kill-Bit aware hosts such as IE.

- Security Vulnerability Research & Defense Bloggers

*Postings are provided "AS IS" with no warranties, and confers no rights.*

Updates March 11, 2009 - updated blog post and flagged where updates were made.


发布人:admin  
分享到:
点击次数:  更新时间:2013-10-01 21:03:34  【打印此页】  【关闭】
上一条:The Kill-Bit FAQ: Part 2 of 3  下一条:ACCESS EXCEL 一个增强Treeview 节点编辑能力的类模块



相关文章

  • • 在Access中使用Font Awesome字符图标
  • • 完美解决“无法装载这个对象”的困扰
  • • 快速学习Treeview树状控件的详细教程
  • • 一个可免注册的Access增强控件库
  • • Access如何添加引用及调整引用的顺序
  • • 锐浪报表(Grid++Report)的一些开发技巧
  • • Grid++Report 锐浪报表开发常见问题解答集锦
  • • RichTextbox控件RTF(富文本格式)的使用及常用语法

热门文章

  • [2016-08-27] RichTextbox控件RTF(富文本格式)的使用及常用语法access数据库
  • [2006-09-16] 三小时掌握TREEVIEW控件access数据库
  • [2016-09-27] Grid++Report 锐浪报表开发常见问题解答集锦access数据库
  • [2013-10-01] windows 7或其它windows 64位系统里Treeview注册的问题(mscomctlaccess数据库
  • [2009-04-18] TreeView控件使用教程3access数据库
  • [2016-09-27] 锐浪报表(Grid++Report)的一些开发技巧access数据库

热门产品

  1. 通用票据打印软件

    通用票据打印软件

  2. 较强的日程管理功能源码(新版)

    较强的日程管理功能源码(新版)

  3. 通用POS软件

    通用POS软件

公司动态|在线留言|在线反馈|联系我们|友情链接|会员中心|站内搜索|网站地图

中山市天鸣科技发展有限公司 版权所有 1999-2018 粤ICP备10043721号

广东省中山市西苑广场富贵阁20楼A座

电话:0760-88315075 手机:13928102596 QQ:1918333016

Access应用 Access培训 Access开发 Access平台

access|数据库|access下载|access教程|access视频|access软件

Powered by MetInfo 5.3.12 ©2008-2022  www.metinfo.cn