New bug a day project targets Microsoft's ActiveX

Another bug a day campaign surfaced yesterday as the "Month of ActiveX Bugs" debuted. Although some researchers have already dismissed the project as copycat, others are warning its findings might put Windows users at risk of attack.

The sparse postings so far on the Month of ActiveX Bugs (MoAxB) site by someone identified as "shinnai" hint that the majority of the vulnerabilities will be denial-of-service (DoS) flaws that can cause the running application and/or operating system to crash, forcing a relaunch or restart.

ActiveX is a Microsoft Corp. technology for enhancing and customizing Web pages to make them more interactive. ActiveX is used for a bewildering array of chores, from initiating Microsoft's Windows Update to adding streaming media to a Web site. New bug-a-day project targets Microsoft's ActiveX

Linked by shanmuga Friday, 4th May 2007 1:58AM