AcitveX Killbits Listing

Posted on 2011-04-18
Last Modified: 2012-05-11
Hello all,
For one of my clients the canned EMR software cannot have the ActiveX Killbits updates from Microsoft or it will cause the screen on the software to not show up correctly.  
Is there a way to get a listing of all AcitveX Killbits that have been released from Microsoft for both Windows XP and Windows 7?
Question by:chillepod
    LVL 61

    Expert Comment

    dranzer from cert does listing and testing of activex controls.
    secunia psi does scan for security updates for non-microsoft programs.
    app vendor should be able to know which control is used and which update is needed to avoid blacklisting.
    LVL 38

    Expert Comment

    by:Rich Rumble (see the bottom for kill-bit FAQ)Kill-bits are located in the registry:
    x86 IE / x86 OS: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\CLSID of the ActiveX control

    x64 IE / x64 OS: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\CLSID of the ActiveX control

    x86 IE / x64 OS: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\CLSID of the ActiveX control
    And they have a Compatibility Flag value of 0x00000400
    Here is a simple query you can do:
    From a command prompt:
    Reg.exe QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility" /f 1024 /t REG_DWORD /s >c:\Output.txt
    That will send all the output to a txt file called output.txt on your C:
    Change the Registry path if needed, you can so do this against remote machines, see "reg.exe /?"  help if you need more syntax.
    LVL 44

    Accepted Solution

    For what it's worth, the kill bits update last week was KB2508272.

    If you follow the IT Professionals link in that KB article to
    and expand the Third-Party Kill Bits section, it shows that update prevents the activex CLSID's


    from running in IE.

    Anyway, you might want to contact the software's creators for a workaround.  Because overriding kill bits that prevent unauthenticated access could be a violation of HIPAA laws. (or maybe EMR means something other than electronic medical records?)

    Author Closing Comment

    That is what I was looking for.

    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    So many times I have seen the words written in a question "if only I could show you" or " I know how hard it is for you since you can't see it" in any zone. That has inspired me to write about this tool in windows 7 called "Problem Steps Recorder…
    If you have done a reformat of your hard drive and proceeded to do a successful Windows XP installation, you may notice that a choice between two operating systems when you start up the machine. Here is how to get rid of this: Click Start Clic…
    This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
    This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now