Q

Configuring access control lists

Network security expert Mike Chapple explains how access control lists (ACLs) can be used to defend against Internet Explorer threats.

Regarding a recent IE 7 exploit, Microsoft recommends using access control lists (ACLs) to disable Ole32db.dll. What are ACLs, and how do you use it to disable Ole32db.dll? What kind of changes/effects will take place if these actions are carried out?
Also known as system access control lists, ACLs are used to specify access permissions for Windows objects to a fine degree of detail. Normally, it's unnecessary to configure ACLs directly, as Windows tools handle this "under-the-hood" work. As you pointed out, however, Microsoft issued a security advisory at the end of 2008, and the warning detailed a flaw in Internet Explorer that required disabling OLE32DB.DLL. The easiest way to do this is through an ACL.

The OLE32DB.DLL file allows programs to make use of Microsoft's ActiveX Data Objects (ADO) and Object Linking and Embedding (OLE) functionality. Fortunately, there aren't any common uses of these technologies within Internet Explorer, so disabling OLE32DB.DLL should have no adverse effect on the system.

The instructions for creating the ACL depend upon your operating system. Microsoft offers a knowledge base article that explains the step-by-step process.

This was first published in June 2009

Dig deeper on Network Access Control Basics

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close