CERT's ActiveX security report

["Richard M. Smith" <rms () PRIVACYFOUNDATION ORG>]

Hello,

This past summer, CERT sponsored a two-day workshop on
security issues with ActiveX controls.  The
final report was just released today and is
available as a PDF file at the CERT Web site:

    http://www.cert.org/reports/activeX_report.pdf

There is a lot of good information in the report about
how individuals and organizations can reduce security
risks in Internet Explorer when using ActiveX controls.

In addition, there is a section aimed at software
developers on how to create safer controls.

A good bit of the technical information in the report
has not been made public before.

Richard