When using Windows Update in Windows ME, I'm getting an ActiveX control not marked as safe error. Why might that be? I'm sure it would be signed if it is from Microsoft... Is that a false error report or possibly a hack trying to run an unsigned control? How can I find out which ActiveX control is giving that error? Thank you.

On Tue, 01 Jun 2004 16:11:06 GMT,"=?Utf-8?B?WWFzb28=?="
> penned this whopper in
microsoft.public.windowsme.general

> When using Windows Update in Windows ME, I'm getting an ActiveX
> control not marked as safe error. Why might that be? I'm sure it
> would be signed if it is from Microsoft... Is that a false error
> report or possibly a hack trying to run an unsigned control? How can
> I find out which ActiveX control is giving that error? Thank you.
>

Oddly, it isn't uncommon for them to not sign all their software. If you
have details of what the exact control is, someone could give you a clue.
Some of them were signed with outdated signatures too, leading to the
warning.

--
"Time will bring to light whatever is hidden;
it will cover up and conceal what is now shining in splendor."
Horace (65 - 8 BC); Roman poet.

Mike

iuctl.dll (in WINDOWS\System)
iuengine.dll (in WINDOWS\System)
iuctl.inf ( in WINDOWS\Downloaded Program Files. It is called
UpdateClass)

The above are the software controls(ActiveX) for the Windows Update
site. They might not be signed correctly.
Are you getting the message from within Windows or your antivirus
program ?
Do you have the Default setting enabled for Internet Explorer ? Open
Internet Options via the Control Panel, click the Security tab.
Click once on the Internet icon, click the Default Level button,
click Apply, then OK.

MowGreen [MVP]
*-343-* Never Forgotten


Yasoo wrote:

> When using Windows Update in Windows ME, I'm getting an ActiveX
> control not marked as safe error. Why might that be? I'm sure
> it would be signed if it is from Microsoft... Is that a false
> error report or possibly a hack trying to run an unsigned
> control? How can I find out which ActiveX control is giving that
> error? Thank you.

O.K. Thank you.

I'm getting the message in IE. After I click Windows Update, it starts IE and runs some Activex controls. I don't have the default set. On that computer, I have activex turned off in IE altogether. For something like this, I set it to prompt. I know I can set it to run unsigned controls, but I have that off. I didn't think MSoft would have Windows Update running unsigned controls. It gives the impression that someone hacked Windows Update and is trying to run a malicious ActiveX control when I try to run Windows Update.

How can I tell which ActiveX control is being triggered at runtime in my browser?

Thank you.

> For something like this, I set it to prompt.

And, you're getting the prompt. The prompt is not an indication that
the ActiveX controls are unsigned, it's prompting you to allow the
installation of them.

If you believe it's malicious then don't allow it. Use other means
to obtain the updates.

HotFix and Security Bulletin Service
http://www.microsoft.com/technet/security/CurrentDL.aspx


MowGreen [MVP]


Yasoo wrote:

> I'm getting the message in IE. After I click Windows Update, it
> starts IE and runs some Activex controls. I don't have the
> default set. On that computer, I have activex turned off in IE
> altogether. For something like this, I set it to prompt. I know
> I can set it to run unsigned controls, but I have that off. I
> didn't think MSoft would have Windows Update running unsigned
> controls. It gives the impression that someone hacked Windows
> Update and is trying to run a malicious ActiveX control when I
> try to run Windows Update.
>
> How can I tell which ActiveX control is being triggered at
> runtime in my browser?
>
> Thank you.

Right. I'm getting a prompt from Microsoft that they didn't an ActiveX control for Windows Update. I don't believe it's malicious, necessarily. B.J. Honeycut replied saying that Microsoft doesn't necessarily sign't their controls. So I don't know what to think. Is there just no way to find out which ActiveX control is being asked to run at runtime? It just tells me that it is an ActiveX control, signed or unsigned, it doesn't tell me what it is.

Thanks for that link. The link I had before for manual install wasn't as functional as this page.