Vulnerability Analysis Blog

July 2009 Archives

Internet Explorer Kill-Bits

By Will Dormann on July 31, 2009 3:18 PM | Permalink

The Kill-Bit (or "killbit") is a Microsoft Windows registry value that prevents an ActiveX control from being used by Internet Explorer. More information is available in Microsoft KB article 240797. If a vulnerability is discovered in an ActiveX control or COM object, a common mitigation is to set the killbit for the control, which will cause Internet Explorer to block use of the control. Or will it?

Continue reading Internet Explorer Kill-Bits

Categories: Analysis, Discovery, Web

Mitigating Slowloris

By Ryan Giobbi on July 1, 2009 12:18 PM | Permalink

Slowloris is a denial-of-service (DoS) tool that targets web servers. We have some suggestions about mitigation techniques and workarounds to protect your server. However, use caution if you implement any of these suggestions because they will likely have some unintended side effects.

Continue reading Mitigating Slowloris

Categories: Analysis

« June 2009 | Main Index | Archives | August 2009 »

The content on this site is made available on an "as is" basis without any warranties and solely for your personal viewing. Carnegie Mellon University is not liable for any consequences arising out of your use of such materials.

Vulnerability Analysis Blog

July 2009 Archives

Internet Explorer Kill-Bits

Mitigating Slowloris

Recent Entries

Categories

Search this Blog

Related Links

Subscribe

Feedback