| Most of this page uses content from Wikipedia. The original article was at Killbit. The page may have contained some inaccurate or outdated information, so please edit it so it contains better information.|
The list of authors can be seen in the page history. As with Malware Wiki, the text of Wikipedia is available under the Creative Common Attribution-ShareAlike 3.0 License.
Remove this template when most of the Wikipedia content has been removed or the Wikipedia information is outnumbered by non-Wikipedia information.
The main purpose of a killbit is to close security holes. If a vendor discovers that there is a security hole in a specific version of an ActiveX control, they can request that Microsoft put out a "killbit" for it. Killbit updates are typically deployed to Microsoft Windows operating systems via Windows Update.
A killbit is a flag in the Windows Registry that marks a GUID as being unsafe. The GUID acts as a serial number for the software in question - a unique GUID must exist for each potential piece of software that behaves as an ActiveX control. If Internet Explorer finds that the GUID of a killbit entry matches the GUID of the software, then the software cannot be run by Internet Explorer. If a vendor wants to release an updated version, they release it with a different GUID.
Microsoft Office also makes use of killbits to determine if an object embedded within a document may be loaded.