Microsoft Corp. immediately issued emergency patches for its popular Windows OS after their researchers found an alley that could bypass without being detected the security mechanism in the browser of the Internet Explorer.
In a statement, Microsoft researchers David Dewey, Ryan Smith, and Mark Dowd said that they will demonstrate the exact way to bypass the “kill-bit” security mechanism during their talk at the Black Hat conference in Las Vegas, Nevada on Wednesday.
The “Kill-bit” Security mechanism of the Internet Explorer is used to disable any bogus ActiveX controls. This type of program is restricted and not allowed to run on Windows.
Earlier, a video demonstration was released in the web showing how the three top-researchers of Microsoft were able to go in the system without being detected by the mechanism.
After infiltrating the user’s computer, the researchers then showed how criminals can exploit the ActiveX control and run malicious and unauthorized programs in the user’s computer.
The discovery is vital for Microsoft as hackers can utilized the ActiveX control problems against millions of users, who thought they are already safe from the said program after it has been eradicated by the kill-bits.
However, the three refused to detail the technical aspect of the new patch for security purposes.
Meanwhile, Shavlik Technologies CEO Eric Schultze believe that it is a huge step for Microsoft to immediately issue the patches since most ActiveX controls can execute programs that were not intended to be executed slowing down computers and sometimes the whole system.
Kill-bit is often issued instantly after the detection of a potential attack. It is a quick way to patch the holes in the security system of the Internet Explorer by tagging ActiveX controls with assigned numbers, which is called globally unique identifiers or GUID.
This way, the computer’s kill bit mechanism can detect and put the GUIDs in blacklists so that its harmful components cannot run on Windows.
Related posts: