More information about the Office Web Components ActiveX vulnerability

By / May 9, 2017

image Because this vulnerability can potentially affect the ISA firewall, it’s of special interest to Microsoft security admins.

Note that this is no security issue with the ISA firewall code itself, but rather with an Office Web Component that is installed during the ISA firewall software installation. You’ll see the same code included when you install the ISA firewall console on a management machine.

Please note that when security best practices are followed (that is to say, you never browse from the firewall) then no security issue exists. This further highlights our decade long recommendation that you never use the firewall as a workstation, which means not using the browser to “surf” the Internet from the firewall.

For more information, check out:

http://blogs.technet.com/srd/archive/2009/07/13/more-information-about-the-office-web-components-activex-vulnerability.aspx

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

image
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: [email protected]
MVP – Forefront Edge Security (ISA/TMG/IAG)

Read Next

About The Author

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top