activex questions

From: JoshB (metrix007@yahoo.com)
Date: 04/10/03


From: metrix007@yahoo.com (JoshB)
Date: 10 Apr 2003 07:22:30 -0700

HI,

I have been researching this, and there are some things that are not
clear.

By default, is it possible for hostile active code to execute without
user interaction, not including vulnerabilities?

What exactly is activex scripting capable of, I notice it is suggested
to enable it, and it is enabled by default.

ACtivex has complete control of target system?

Is it possible to "spoof" activex controls, so if one purports to be
from a trusted corp, ie ms, it will automaticly run without user
interaction?

Are there any examples of pages that can automaticly run code, install
spyware etc without user interaction, and without taking advantaged of
vulnerabilities?

I had assumed the above was possible, and a *lot* of people do,
however I am unable to find evidence of this..

Thanks for any explanations.



Relevant Pages

  • Re: Deep Throat
    ... One is the Throat Trojan and the other ... >Port 1025 will have to be open to out bound traffic, ... >Your browser will be checked for installed ActiveX ... Invocation of secure ActiveX controls ...
    (microsoft.public.security.virus)
  • Re: Deep Throat
    ... You computer is scanned for open ports now. ... Your browser will be checked for installed ActiveX ... Visual Basic Script (VBScript) Test: ... Invocation of secure ActiveX controls ...
    (microsoft.public.security.virus)
  • Re: How to install a cab(ActiveX) file manually?
    ... You don't mention the version of Windows you are using, ... If the Security level is set to high then it will be blocking ActiveX ... View the Browsers How-to regarding updating your browser security settings. ... Initialize and script ActiveX Controls not marked as safe>set to Disable ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • RE: Active X error attempting to connect to RDP through RWW
    ... Microsoft CSS Online Newsgroup Support ... This newsgroup only focuses on SBS technical issues. ... |> be preventing you from downloading ActiveX controls" If I am off-base ...
    (microsoft.public.windows.server.sbs)
  • RE: Active X error attempting to connect to RDP through RWW
    ... Microsoft CSS Online Newsgroup Support ... This newsgroup only focuses on SBS technical issues. ... |> be preventing you from downloading ActiveX controls" If I am off-base ...
    (microsoft.public.windows.server.sbs)