Potential Security Vulnerability in exteNd Director Standard 4.1 with ActiveX control

  • 3169416
  • 15-Jun-2007
  • 16-Mar-2012

Environment

Novell exteNd Director 4.1
Microsoft Windows 2000 Professional
Microsoft Windows XP Professional
Microsoft Windows 2000
Microsoft Windows 98
Microsoft Windows 95

Situation

Windows workstations that have run Novell Portal Services or Novell exteNd Director 4.1 in the past may have installed an activeX control that could potentially allow for malicious code to run on the workstation.

Resolution

To resolve this problem, create a text file that contains this text (NOTE: use notepad or another text editor, NOT word pad, or a word processor), here's the text:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2B1AA38D-2D12-11D5-AAD0-00C04FA03D78}]
"Compatibility Flags"=dword:00000400

Save the text file and rename it to Novell-Killbit.reg (make sure that it doesn't have a .txt hidden extension)

Next, double click on the .reg file just created, and when prompted to add to the registry, click Yes

The above entry disables the particular activeX control that was at one time used by Novell exteNd Director Standard Edition 4.1

Status

Reported to Engineering
Security Alert