search menu icon-carat-right cmu-wordmark

ActiveX Vulnerability Discovery at the CERT/CC

Will Dormann

Hi, it's Will. Anybody who has been keeping an eye on the US-CERT Vulnerability Notes has probably noticed that I've published a lot of ActiveX vulnerabilities. So it should be no surprise to learn that we have been testing ActiveX controls and discovering vulnerabilities in the process.

Almost all of the ActiveX vulnerabilities that I have uncovered were discovered with a tool developed at CERT called Dranzer. We have recently published a paper called Vulnerability Detection in ActiveX Controls through Automated Fuzz Testing. This paper describes the various attack surfaces of ActiveX controls, the techniques used to test those attack surfaces, and also some results obtained by testing a large number of downloaded ActiveX controls. It may also give some insight into why the Securing Your Web Browser document suggests disabling ActiveX in the Internet Zone of Internet Explorer.

Get updates on our latest work.

Each week, our researchers write about the latest in software engineering, cybersecurity and artificial intelligence. Sign up to get the latest post sent to your inbox the day it's published.

Subscribe Get our RSS feed