Browser Helper Object
A Browser Helper Object (BHO) is a
BHOs are still supported as of Windows 10, through Internet Explorer 11, while BHOs are not supported in Microsoft Edge.
Implementation
Each time a new instance of Internet Explorer starts, it checks the Windows Registry for the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects. If Internet Explorer finds this key in the registry, it looks for a CLSID key listed below the key. The CLSID keys under Browser Helper Objects tell the browser which BHOs to load. Removing the registry key prevents the BHO from being loaded. For each CLSID that is listed below the BHO key, Internet Explorer calls CoCreateInstance to start the instance of the BHO in the same process space as the browser. If the BHO is started and implements the IObjectWithSite interface, it can control and receive events from Internet Explorer. BHOs can be created in any language that supports COM.[1]
Examples
Some modules enable the display of different file formats not ordinarily interpretable by the browser. The
Other modules add toolbars to Internet Explorer, such as the
The Conduit toolbars are based on a BHO that can be used on
Concerns
The BHO
For example, the
Many BHOs introduce visible changes to a browser's interface, such as installing toolbars in Internet Explorer and the like, but others run without any change to the interface. This renders it easy for malicious coders to conceal the actions of their browser add-on, especially since, after being installed, the BHO seldom requires permission before performing further actions. For instance, variants of the ClSpring trojan use BHOs to install scripts to provide a number of instructions to be performed such as adding and deleting registry values and downloading additional executable files, all completely transparently to the user.[4]
In response to the problems associated with BHOs and similar extensions to Internet Explorer, Microsoft debuted an Add-on Manager in
See also
- Browser extension
- Plug-in (computing)
- HTML Components
- Add-on (Mozilla)
- Google Chrome Extensions
References
- ISBN 0-7356-0781-8
- ^ "Browser Hijack Objects (BHOs)". Malwarebytes Labs. Retrieved 2021-12-05.
- ISBN 978-3-540-32063-0.
- ^ Computer Associates malware entry at ca.com, retrieved 1/16/2009
External links
- Sites.google.com Archived 2014-12-24 at the Wayback Machine
Microsoft sites
- IEHelper-Attaching to Internet Explorer 4.0 by Using a Browser Helper Object
- Control Internet Explorer Add-ons with Add-on Manager – an article on Microsoft.com that explains this new feature of Windows XP Service Pack 2
- Building Browser Helper Objects with Visual Studio 2005 – an October 2006 MSDN article by Tony Schreiner and John Sudds
Listings and examples
- CLSID List – master list created by Tony Kleinkramer, which attempts to record and identify every BHO available (previously located at – the now defunct – castlecops.com) – also includes Toolbar, Explorer Bar and URLSearchHook GUIDs
- C++ example code for a BHO
- C# example code for a BHO