WinPatrol 2008 ActiveX Beta
Later this week I plan to release the first beta of the next version of WinPatrol, called WinPatrol 2008. This test phase will be limited but you can request access by Emailing firstname.lastname@example.org. Include basic information about your system and any special talents you might have. PLUS members will naturally be given priority but it’s not a requirement.
The big new feature in WinPatrol 2008 will be monitoring and control of your ActiveX components. Even our friends at Symantec recently reported ActiveX account for an overwhelming majority of all browser plug-in vulnerabilities. Microsoft controls made up 79% of the 239 plug-in bugs discovered the last half of 2007. Those problems were followed by Apples’ Quicktime which had 19 vulnerabilities patched last year.
It seems like every week more problems are reported in Quicktime, RealPlayer, Adobe Flash, Sun’s Java or other 3rd party controls. Once the vulnerability is known the risk increases exponentially until a patch is available.
WinPatrol 2008 takes the worry out of waiting for a patch to become available. When a vulnerability is found Scotty will let you disable or set the “kill-bit” on the appropriate control until a new one is made available.
One of the tasks for each tester will be to go through the list of ActiveX controls and just click on PLUS Info. That will provide us with a list of most commonly used controls so our research department can have data available for all PLUS members by release time. Our research director Robin doesn’t know it yet but we’ll all be working a little overtime.