LabVIEW

This announcement applies to all users regardless if they are using Active X controls in their application or not. We recommend that you install the update to ensure the security of your system.

Hello:

How do I know if my Active-X is active or not?

thank you

\\diego2000

Active X controls are not typically referred to as 'active' or 'inactive' but are a software component of Microsoft Windows used when interfacing with the internet. This site will give you more details about Active X controls and serve to provide more information on how they're used.

If this is an ActiveX vulnerability - Will it addressed by Microsoft in form of Security Patch or Hotfix?

It's a vulnerability of some ActiveX components being installed by various NI products. Microsoft only has indirect influence on this, having developed the ActiveX technology. Even if your applications are not using any NI ActiveX component they are installed in your system anyhow and could be invoked through a carefully crafted web page when browsing the net, to allow exploiting its vulnerability. So you need to upgrade your system with the NI patch if you have any software from NI installed. This will make sure that any NI ActiveX component that is installed gets updated properly. NI will include this fix in all products that get released in the next big release cycle planned for August when NI week will start.

If you have disabled executation of ActiveX in your internet browser/internet zone, then the need to update your systems with the patch is less urgent but should still be done.

Rolf Kalbermatter  My Blog DEMO, Electronic and Mechanical Support department, room 36.LB00.390

None of the related articles mention which version of LabVIEW are affected.  Does this vulnerability go way back, just 2012, or somewhere in between?  Thank you.

---

@tourofmars wrote:

None of the related articles mention which version of LabVIEW are affected.  Does this vulnerability go way back, just 2012, or somewhere in between?  Thank you.

---

It affects ActiveX components installed with any NI Software prior to the release of the patch.  Bluntly- it goes way back

---

@tourofmars wrote:

None of the related articles mention which version of LabVIEW are affected.  Does this vulnerability go way back, just 2012, or somewhere in between?  Thank you.

---

Unless you are only using NI software before around 1995 you should certainly consider the patch. However if you use any software before 2005 you are likely to have much more serious trouble than this vulnerability.

Rolf Kalbermatter  My Blog DEMO, Electronic and Mechanical Support department, room 36.LB00.390

If I have not used NI ActiveX components in MSIE or Office products would I still need to roll out this NI security update?  Notably only a handful of NI ocx and dll files are affected.  The fewer unecessary changes I have to make to already validated systems the better.

http://digital.ni.com/public.nsf/allkb/357C0A5B43F3FCBE86257B360050CF9E