Browser Helper Object: Difference between revisions
No edit summary |
Expand. |
||
| Line 1: | Line 1: | ||
A '''Browser Helper Object''' (BHO) is a [[ |
A '''Browser Helper Object''' (BHO) is a [[Library (computer science)|DLL]] module designed to hook into [[Microsoft]]'s [[Internet Explorer]] to provide added functionality. BHOs were introduced in October [[1997]] with the release of version 4 of Internet Explorer. |
||
Some modules enable the display of different file formats not ordinarily interpretable by the browser. The [[Adobe Acrobat]] plugin that allows Internet Explorer users to read [[PDF]] files within their browser is a BHOs. |
|||
Other modules add toolbars to Internet Explorer, such as the [[Alexa Toolbar]] that provides a list of web sites related to the one you are currently browsing, or the [[Google#Google Toolbar|Google Toolbar]] that adds a toolbar with a Google search box to the browser UI. |
|||
However because BHOs have unrestricted access to the Internet Explorer event model, some forms of [[malware]] have also been created as BHOs. The [[Download.ject]] exploit installed a BHO that would activate upon detecting a secure HTTP connection to a financial institution, record the user's keystrokes (intending to capture passwords) and transmit the information to a website used by [[Russian]] [[computer crime|computer criminals]]. Other BHOs such as the [[MyWay Searchbar]] track users browsing patterns and pass the information they record to third-parties. |
|||
In response to the problems associated with BHOs and similar extensions to Internet Explorer, Microsoft added an ''Add-on Manager'' to Internet Explorer with the release of [[Windows XP#Service Pack 2|Service Pack 2]] for [[Windows XP]]. This displays a list of all installed BHOs, [[Browser Extension]]s and [[ActiveX]] controls, and allows the user to enable or disable them at will. |
|||
For users that are not using Windows XP, there exist free tools (such as BHODemon) that list installed BHOs and allow the user to disable malicious extensions. |
|||
==External links== |
|||
* [http://msdn.microsoft.com/library/en-us/dnwebgen/html/bho.asp Browser Helper Objects: The Browser the Way You Want It] - a January 1999 MSDN article by Dino Esposito |
|||
* [http://sysinfo.org/bholist.php CLSID List] - a list created by Tony Klein and others, that attempts to record and indentify every BHO available |
|||
* [http://www.microsoft.com/windowsxp/using/web/sp2_addonmanager.mspx Control Internet Explorer Add-ons with Add-on Manager] - an article on microsoft.com that explains this new feature of Windows XP Service Pack 2 |
|||
* [http://www.definitivesolutions.com/bhodemon.htm BHODemon] - a free tool for listing and disabling malicious BHOs |
|||
{{stub}} |
{{stub}} |
||
Revision as of 12:39, 8 January 2005
A Browser Helper Object (BHO) is a DLL module designed to hook into Microsoft's Internet Explorer to provide added functionality. BHOs were introduced in October 1997 with the release of version 4 of Internet Explorer.
Some modules enable the display of different file formats not ordinarily interpretable by the browser. The Adobe Acrobat plugin that allows Internet Explorer users to read PDF files within their browser is a BHOs.
Other modules add toolbars to Internet Explorer, such as the Alexa Toolbar that provides a list of web sites related to the one you are currently browsing, or the Google Toolbar that adds a toolbar with a Google search box to the browser UI.
However because BHOs have unrestricted access to the Internet Explorer event model, some forms of malware have also been created as BHOs. The Download.ject exploit installed a BHO that would activate upon detecting a secure HTTP connection to a financial institution, record the user's keystrokes (intending to capture passwords) and transmit the information to a website used by Russian computer criminals. Other BHOs such as the MyWay Searchbar track users browsing patterns and pass the information they record to third-parties.
In response to the problems associated with BHOs and similar extensions to Internet Explorer, Microsoft added an Add-on Manager to Internet Explorer with the release of Service Pack 2 for Windows XP. This displays a list of all installed BHOs, Browser Extensions and ActiveX controls, and allows the user to enable or disable them at will.
For users that are not using Windows XP, there exist free tools (such as BHODemon) that list installed BHOs and allow the user to disable malicious extensions.
External links
- Browser Helper Objects: The Browser the Way You Want It - a January 1999 MSDN article by Dino Esposito
- CLSID List - a list created by Tony Klein and others, that attempts to record and indentify every BHO available
- Control Internet Explorer Add-ons with Add-on Manager - an article on microsoft.com that explains this new feature of Windows XP Service Pack 2
- BHODemon - a free tool for listing and disabling malicious BHOs