This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Killbit" – news · newspapers · books · scholar · JSTOR (August 2013) (Learn how and when to remove this message) |
Killbit is a security feature in web browsers based on Microsoft's Trident engine (such as Internet Explorer) and other ActiveX containers that respect the killbit (such as Microsoft Office).[1] A killbit instructs an ActiveX control container never to use a specific piece of ActiveX software, whether third-party or Microsoft, as identified by its class identifier (CLSID).
The main purpose of a Killbit is to close security holes. If a vendor discovers that there is a security hole in a specific version of an ActiveX control, they can request that Microsoft put out a "Killbit" for it. Killbit updates are typically deployed to Microsoft Windows operating systems via Windows Update.
Implementation
[edit]A flag in the Windows Registry identifies a CLSID as unsafe. The CLSID (a type of a GUID) acts as a serial number for the software in question. It must exist for each piece of software that behaves as an ActiveX control. If an ActiveX container finds that the CLSID of a Killbit entry matches the CLSID of the software, the software is blocked from running in the ActiveX container. If a vendor wants to release an updated version then they release it with a different CLSID.
Internet Explorer's HTML application host also respects the killbit when processing the OBJECT tag in HTML, but not when processing scripts in HTML.
References
[edit]- ^ "Security Settings for COM objects in Office - Microsoft Support". support.microsoft.com. Retrieved 2025-09-11.
External links
[edit]- Microsoft KB240797: How to stop an ActiveX control from running in Internet Explorer (August 24, 2007)
- Microsoft Technet: The Kill-Bit FAQ
