Disabling "Sony XCP software" ActiveX


....there are also some questions regarding the ActiveX control that was released by Sony to allow the removal of the rootkit. It's been reported that this ActiveX control contains vulnerabilities. We wanted to remind customers that they can block any specific ActiveX control from running in Internet Explorer themselves. To do this, all that’s needed is setting a registry key entry called a “kill-bit.” Information on how to do this is in the following KB: http://support.microsoft.com/kb/240797. Our investigation shows that this ActiveX control uses the CLSIDs of {80E8743E-8AC5-46F1-96A0-59FA30740C51} and {4EA7C4C5-C5C0-4F5C-A008-8293505F71CC}. We'd like to remind customers that while they need to be careful when editing the registry, the kill-bit mechanism can help protect them from any risks associated with this ActiveX control. Welcome to the Microsoft Security Response Center Blog! : Disabling an ActiveX

Linked by shanmuga Thursday, 17th November 2005 9:32PM