Security Fix - Brian Krebs on Computer and Internet Security - (washingtonpost.com)
An interesting posting on a somewhat neglected area of risk to client machines.
The point that potentially exploitable 3rd party Active X controls will be installed on many, if not all client PC's is a good one.
I've seen companies that more or less successfully patch browsers and audit client software, but I'm not aware of any that track Active X component versions...
Sounds like a good reason to lock down Active X installations on Corporate Clients..


raesene

Security Geek, Penetration Testing, Docker, Ruby, Hillwalking