Flaws in ActiveX controls are being increasingly used to run security exploits
Arbitrary file overwrite and deletion flaws, typically exploited through ActiveX controls, are well on the way to becoming a new class of security flaw, according to net security firm Symantec.
"These vulnerabilities exist particularly because of a registered ActiveX control failing to restrict which domains may load the control for execution. An attack exploiting this vulnerability can lead to arbitrary code execution by a remote attacker," a blog posting by Symantec researcher Parveen Vashishtha warns. Rogue ActiveX controls menace users | Channel Register
Back to: PC Security, privacy news