Microsoft Drops IE's 'Click to Activate' ActiveX Controls

["Paul Ferguson" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Via ComputerWorld.

[snip]

Microsoft Corp. will strip a "click to activate" warning from Internet
Explorer 7 starting next month, a company product manager said yesterday, a
side benefit of the settlement that Microsoft struck with Eolas
Technologies Inc. in August.

Next month, Microsoft will preview the modified Internet Explorer (IE) that
eliminates the warning that's been popping up on screens when users select
multimedia content, such as clicking on a link to a Flash file or a PDF
document. That notice first appeared in IE in April 2006, when Microsoft
began requiring users to approve ActiveX controls the first time they were
run from the browser.

[snip]

More:
http://computerworld.com/action/article.do?command=viewArticleBasic&article
Id=9046245

So, does this mean that malicious ActiveX controls can now be
installed automagically?

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFHNiyuq1pz9mNUZTMRAi64AKCs+CJ9c73ZFgDgyinAJeupPfB5bgCgxzeO
5foaC0SIxLKOcGM2FPf7zbg=
=1ANZ
-----END PGP SIGNATURE-----



--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.