Computer Security Wiki
Smallwikipedialogo.png Most of this page uses content from Wikipedia. The original article was at Killbit.
The list of authors can be seen in the page history. As with Computer Security Wiki, the text of Wikipedia is available under the GNU Free Documentation License.
Remove this template when most of the Wikipedia content has been removed or the Wikipedia information is outnumbered by non-Wikipedia information.

Killbit is a term that refers to a security feature in Microsoft's Internet Explorer web browsers. A killbit instructs the browser to never use a specific piece of ActiveX control software whether third-party or Microsoft, identifying it by a number.

The main purpose of a killbit is to close security holes. If a vendor discovers that there is a security hole in a specific version of an ActiveX control, they can request that Microsoft put out a "killbit" for it. Killbit updates are typically deployed to Microsoft Windows operating systems via Windows Update.

A killbit is a flag in the Windows Registry that marks a GUID as being unsafe. The GUID acts as a serial number for the software in question - a unique GUID must exist for each potential piece of software that behaves as an ActiveX control. If Internet Explorer finds that the GUID of a killbit entry matches the GUID of the software, then the software cannot be run by Internet Explorer. If a vendor wants to release an updated version, they release it with a different GUID.

Microsoft Office also makes use of killbits to determine if an object embedded within a document may be loaded.


External links[]

  1. Microsoft KB240797: How to stop an ActiveX control from running in Internet Explorer (August 24, 2007)
  2. Microsoft Technet: The Kill-Bit FAQ