Skip to main content

Setting killbits against zero days through group policy

Randy Franklin Smith at wrote us yesterday about some tips for using adminstrative template files (adm) to rapidly roll-out killbits against various zero days.

We continue to get nailed by ActiveX vulnerabilities including advisories on the XMLHTTP 4.0 and WMI Object Broker ActiveX controls.

This nasty trend of zero-day vulnerabilities leaves you defenseless until Microsoft releases a patch unless you take the time to set the kill bit.

[I recently] pointed out that a custom administrative template would help you to push out kill bits via group policy and subsequently roll them back after associated patches are released and deployed.

Well, don't bother trying to write the custom ADM template, I've already done it for you and shot a video, Death of an ActiveX Control, demonstrating how to install it in about 5 minutes.

It's free and there's no forms to fill out. To watch the video and download the ADM template browse over to (opens in new tab) I can't say the video is as dramatic as its title but I think you'll find the content valuable.

Thanks Randy!

Alex is a technology CEO, with leadership, operating partner, investor, and board member roles at security firms including AutoLoop, Borland, Quarterdeck (now Symantec and Cisco WebEx), GFI/TeamViewer, Sunbelt Software (now ThreatTrack Security), BlueStripe Software, StopBadware, Knowbe4, Malwarebytes, and Runaware Holding AB. When CEO of Sunbelt he ran a security blog, and he still writes on security.