Welcome Guest! You need to login or register to make posts.



Go to last post Go to first unread
#1 Posted : Wednesday, July 2, 2008 5:32:37 PM(UTC)

Rank: Advanced Member

Groups: Administration
Joined: 3/9/2008(UTC)
Posts: 554

Was thanked: 1 time(s) in 1 post(s)
You have Image Uploader installed on your site and some of your clients complain that ActiveX version does not work. The matter of the problem:
  1. They used Image Uploader on your site before and now it is not shown on the page or
  2. They cannot install Image Uploader. They get ActiveX component warning window in Internet Explorer saying that Image Uploader is about to be installed and then nothing happens. Reloading the page starts the whole scenario over again.

The version of Image Uploader installed on your site is one of the following:
  • Image Uploader 5.0;
  • Image Uploader 4.x before version 4.7;
The listed versions of Image Uploader had security issues. Andrew Simontsev wrote about it on our corporate blog: Another security problem - oh, not again
Now these problems were fixed. But we needed to disable all previous versions because they are not safe. That is why we killbited them.

About killbit .
As you know, each ActiveX control (including IU) is identified with CLSID. There is a special section in registry where listed CLSIDs of controls which should not be loaded by IE. "To killbit the control" means to put CLSID of this control into this section. And then Windows prevents Internet Explorer from starting these controls. More information on this can be found in Microsoft Knowledge Base.
Here are two ways how Image Uploader can be killbited:
  • Image Uploader killbit was automatically set when new Image Uploader is installed.
  • Image Uploader killbit will be included in Microsoft security bulletin. So it will be installed automatically through their update system.
Most probably your clients experiencing this problem installed new version of Image Uploader from another site, and that is why your version was killbited.

To resolve this problem you should install new version of Image Uploader with new CLSID:
  • If you have version 4, you need to download Image Uploader 4.7 in Legacy products section.
  • If you have version 5, you need to download the latest 5.x version from our site.

Edited by user Thursday, December 4, 2008 2:07:23 PM(UTC)  | Reason: Not specified

Aurigma Support Team

UserPostedImage Follow Aurigma on Twitter!
#2 Posted : Thursday, August 14, 2008 3:43:26 PM(UTC)

Rank: Advanced Member

Groups: Member, Administration
Joined: 8/2/2003(UTC)
Posts: 876

Thanks: 2 times
Was thanked: 27 time(s) in 27 post(s)
Update: on August 12, 2008 Microsoft has released killbit in a security update KB953839. So end users will suffer from this problem not just when someone install fresh version on some website, but also after installing this security update.

It means that if you did not update Image Uploader to 4.7 or 5.1 yet, it is a high time to do it right now.

I have just written more detailed post about it.
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.