SYSTEM AND METHOD FOR DAY-ZERO AUTHENTICATION OF ACTIVEX CONTROLS

US 20130055369A1
Filed: 08/24/2011
Published: 02/28/2013
Est. Priority Date: 08/24/2011
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

verifying a digital signature of an ActiveX control;

identifying at least one executable file of the ActiveX control;

authorizing the at least one executable file as an updater if the digital signature is from an authorized issuer; and

installing the ActiveX control.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method in one embodiment includes modules for verifying a digital signature of a Microsoft® ActiveX® control, identifying an executable file of the ActiveX control, authorizing the executable file as an updater configured to enable trust propagation, if the digital signature is from an authorized issuer, and installing the ActiveX control. More specific embodiments include hooking an exported function in the executable file and marking a thread calling the exported function as an updater. Hooking the exported function includes patching the executable function so that when the exported function is called during execution of the executable file, a second function is executed before the exported function is executed. Other embodiments include extracting a cabinet file wrapping the ActiveX control, parsing an information file in the cabinet file, and downloading additional components for installing the ActiveX control.

72 Citations

View as Search Results

20 Claims

1. A method comprising:
- verifying a digital signature of an ActiveX control;
  
  identifying at least one executable file of the ActiveX control;
  
  authorizing the at least one executable file as an updater if the digital signature is from an authorized issuer; and
  
  installing the ActiveX control.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the authorizing the at least one executable file as an updater comprises:
    - hooking at least one exported function in the at least one executable file; and
      
      providing update privileges to a thread calling the at least one exported function.
  - 3. The method of claim 2, wherein the hooking comprises patching the at least one executable file so that when the at least one exported function is called during execution of the at least one executable file, a second function is executed before the at least one exported function is executed.
  - 4. The method of claim 2, further comprising revoking update privileges from the thread when the at least one executable file is unloaded.
  - 5. The method of claim 1, wherein the ActiveX control is wrapped in a cabinet file.
  - 6. The method of claim 5, further comprising extracting the cabinet file.
  - 7. The method of claim 5, wherein the cabinet file comprises an information file.
  - 8. The method of claim 7, further comprising parsing the information file.
  - 9. The method of claim 1, further comprising downloading additional components for installing the ActiveX control.
  - 10. The method of claim 1, further comprising blocking execution of the Active X control if the digital signature is not from an authorized issuer.
  - 11. The method of claim 1, wherein the at least one executable file is selected from a group comprising files in EXE, DLL and script formats.
  - 12. The method of claim 1, wherein the verifying a digital signature comprises:
    - checking whether a digital certificate coupled with the digital signature is present in a certificate store and is associated with the authorized issuer; and
      
      verifying an integrity of the ActiveX control, comprising executing a function to return at least a hash of the cabinet file.

13. Logic encoded in non-transitory media that includes code for execution and when executed by a processor operable to perform operations comprising:
- verifying a digital signature of an ActiveX control;
  
  identifying at least one executable file of the ActiveX control;
  
  authorizing the at least one executable file as an updater if the digital signature is from an authorized issuer; and
  
  installing the ActiveX control.
- View Dependent Claims (14, 15, 16)
- - 14. The logic of claim 13, wherein the authorizing the at least one executable file as an updater comprises:
    - hooking at least one exported function in the at least one executable file; and
      
      providing update privileges to a thread calling the at least one exported function.
  - 15. The logic of claim 14, wherein the hooking comprises patching the at least one executable file so that when the at least one exported function is called during execution of the at least one executable file, a second function is executed before the at least one exported function is executed.
  - 16. The logic of claim 13, wherein the verifying a digital signature comprises:
    - checking whether a digital certificate coupled with the digital signature is present in a certificate store and is associated with the authorized issuer; and
      
      verifying an integrity of the ActiveX control, comprising executing a function to return at least a hash of the cabinet file.

17. An apparatus, comprising:
- a memory element; and
  
  a processor operable to execute instructions associated with electronic code such that the apparatus is configured for;
  
  verifying a digital signature of an ActiveX control;
  
  identifying at least one executable file of the ActiveX control;
  
  authorizing the at least one executable file as an updater if the digital signature is from an authorized issuer; and
  
  installing the ActiveX control.
- View Dependent Claims (18, 19, 20)
- - 18. The apparatus of claim 17, wherein the authorizing the at least one executable file as an updater comprises:
    - hooking at least one exported function in the at least one executable file; and
      
      providing update privileges to a thread calling the at least one exported function.
  - 19. The apparatus of claim 18, wherein the hooking comprises patching the at least one executable file so that when the at least one exported function is called during execution of the at least one executable file, a second function is executed before the at least one exported function is executed.
  - 20. The apparatus of claim 17, wherein the verifying a digital signature comprises:
    - checking whether a digital certificate coupled with the digital signature is present in a certificate store and is associated with the authorized issuer; and
      
      verifying an integrity of the ActiveX control, comprising executing a function to return at least a hash of the cabinet file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, Inc. (McAfee, LLC)
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Kumar, Pawan, Gupta, Rohit, Badola, Manoj

Application Number

US13/216,388
Publication Number

US 20130055369A1
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/52   during program execution, e...

G06F 21/572   Secure firmware programming...

H04L 63/0823   using certificates cryptogr...

H04L 9/3247   involving digital signatures

H04W 4/50   Service provisioning or rec...

SYSTEM AND METHOD FOR DAY-ZERO AUTHENTICATION OF ACTIVEX CONTROLS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

72 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR DAY-ZERO AUTHENTICATION OF ACTIVEX CONTROLS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

72 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links