Community
AutoCAD MEP Forum
Welcome to Autodesk’s AutoCAD MEP Forums. Share your knowledge, ask questions, and explore popular AutoCAD MEP topics.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Autodesk IDrop ActiveX Control Heap Corruption

5 REPLIES 5
Back to AutoCAD MEP Category
Back to Topic Listing
Reply
Message 1 of 6
Anonymous
12315 Views, 5 Replies
‎09-11-2013 07:42 AM
‎09-11-2013 07:42 AM

Autodesk IDrop ActiveX Control Heap Corruption

Sorry if this is the wrong forum for this. I'm trying to find if there is a resolution for this or how to remove this control. I'm on Windows 7 64. I went into Programs and Features but didn't find it there. I also went into IE 9 to remove the ActiveX control but it was not in there either. Yet I'm getting dinged on our network scans.
Thanks

Report
0 Likes
Reply
5 REPLIES 5
Message 2 of 6
Anonymous
in reply to: Anonymous
‎05-19-2014 09:40 AM
‎05-19-2014 09:40 AM

We were having the same problem. The following solution worked.

 

Open the c:\windows\downloaded program files  (IDROP.ocx and IDROPC64.ocx) and empty all of the data out of the file. 

 

This can be accomplished using notepad.  Save Both of the files back to the same directory.  When AutoCad 2012 launches, it sees the files as being there and does not reinstall new files. ACAS scans based of the version information on the files, in which are changed.  SO this remediates this vulnerability.

 

Rick

Report
0 Likes
Reply
Message 3 of 6
Anonymous
in reply to: Anonymous
‎09-17-2014 10:48 AM
‎09-17-2014 10:48 AM

I am using AutoCad 2013 LT. I did what you described of deleting all of the data out of the two files. I still am getting flagged on our networks scans. It says that 

"An unknown version of the vulnerable control is installed as : C:\windows\Downloaded Program Files\IDrop.ocx. Moreover, its kill bit is not set so it is accessible via Internet Explorer.  

Our scans are reporting them as a high vulnerabilty and their soulution is to remove the software as it is no longer supported by autodesk. Removing the software does not work as when you launch the program, it will reinstall the two files. What are my options now?

Report
0 Likes
Reply
Message 4 of 6
Anonymous
in reply to: Anonymous
‎12-08-2014 10:25 AM
‎12-08-2014 10:25 AM

This is an update to the previous solution that our IT did.

 Hopefully it works with your inatallation of LT

 

 

 

We found that the Network scanners were scanning for a certain registry key hive.  We corrected this issue by doing the following.

 

Open up Idrop.ocx and Idropx64.ocx and delete out all of the information and saving the blank files.

 

Backup the following registry key and all subkeys. HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}

 

Once you have backed this up, we deleted the following:

 

 

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}]
@="IDrop"

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}\Control]
@=""

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}\Implemented Categories]

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}\Implemented Categories\{0DE86A58-2BAA-11CF-A229-00AA003D7352}]
@=""

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
@=""

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
@=""

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}\InProcServer32]
@="C:\\Windows\\Downloaded Program Files\\IDrop.ocx"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}\MiscStatus]
@="0"

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}\MiscStatus\1]
@="131473"

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}\ProgID]
@="idrop.idrop.2"

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}\Programmable]
@=""

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}\ToolboxBitmap32]
@="C:\\Windows\\Downloaded Program Files\\IDrop.ocx,101"

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}\TypeLib]
@="{5947EFF4-5EF5-4C8A-81EC-1B9AEFE54372}"

[HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{21E0CB95-1198-4945-A3D2-4BF804295F78}\Version]
@="1.0".

 

We restarted the workstations and ran a remediation scan on the effected workstations and the vulnerability has went away.

Report
0 Likes
Reply
Message 5 of 6
Anonymous
in reply to: Anonymous
‎12-05-2019 05:55 AM
‎12-05-2019 05:55 AM

Tried all options noted.  Using Autocad LT 2017.  the OCX files are not on the system.  Cannot resolve vulnerability

Report
0 Likes
Reply
Message 6 of 6
pendean
Community Legend
in reply to: Anonymous
‎12-05-2019 10:33 AM
‎12-05-2019 10:33 AM

You need to be in 2019 or newer, iDROP got dropped (pun intended).

Report
0 Likes
Reply
Reply

Can't find what you're looking for? Ask the community or share your knowledge.

Post to forums  

Autodesk Design & Make Report

”Boost

 

Report a website issue