CAPICOM

Last updated February 01, 2021

CAPICOM is a discontinued ActiveX control created by Microsoft to help expose a select set of Microsoft Cryptographic Application Programming Interface (CryptoAPI) functions through Microsoft Component Object Model (COM). It was intended to enable every environment that supports ActiveX to use Microsoft Cryptographic technologies, including web pages that are opened with Microsoft Internet Explorer or any other web browser that supports ActiveX.^[1]

CAPICOM can be used to digitally sign data, inspect, verify and display their digital signature or digital certificate, add or remove certificates to or from the certificate stores, and finally, to encrypt or decrypt data.^[1]

CAPICOM Version 2.1.0.3, the latest and last version of CAPICOM, is officially supported on Windows Vista.^[2]^[3]^[4] However, Microsoft has announced that CAPICOM is discontinued and is no longer being developed. Microsoft suggests replacing CAPICOM with .NET Framework's X509 Cryptographic Classes and a number of other alternatives.^[5]

CAPICOM was not included in Windows 7. The linked Microsoft article goes into detail. ^[6]

Related Research Articles

Internet Explorer is a series of graphical web browsers developed by Microsoft and included in the Microsoft Windows line of operating systems, starting in 1995. It was first released as part of the add-on package Plus! for Windows 95 that year. Later versions were available as free downloads, or in-service packs, and included in the original equipment manufacturer (OEM) service releases of Windows 95 and later versions of Windows. New feature development for the browser was discontinued in 2016 in favour of their new browser Microsoft Edge. Since Internet Explorer is a Windows component and is included in long-term lifecycle versions of Windows such as Windows Server 2019, it will continue to receive security updates until at least 2029. Microsoft announced in August 2020 that as of August 2021, web-based Microsoft 365 products will no longer support Internet Explorer, with support for Microsoft Teams ending earlier in November 2020.

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991.

ActiveX is a deprecated software framework created by Microsoft that adapts its earlier Component Object Model (COM) and Object Linking and Embedding (OLE) technologies for content downloaded from a network, particularly from the World Wide Web. Microsoft introduced ActiveX in 1996. In principle, ActiveX is not dependent on Microsoft Windows operating systems, but in practice, most ActiveX controls only run on Windows. Most also require the client to be running on an x86-based computer because ActiveX controls contain compiled code.

Transport Layer Security (TLS), and its now-deprecated predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. Several versions of the protocols are widely used in applications such as email, instant messaging, and voice over IP, but its use as the Security layer in HTTPS remains the most publicly visible.

A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email. It is required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred.

Internet Information Services is an extensible web server software created by Microsoft for use with the Windows NT family. IIS supports HTTP, HTTP/2, HTTPS, FTP, FTPS, SMTP and NNTP. It has been an integral part of the Windows NT family since Windows NT 4.0, though it may be absent from some editions, and is not active by default.

Microsoft Agent was a technology developed by Microsoft which employed animated characters, text-to-speech engines, and speech recognition software to enhance interaction with computer users. Thus it was an example of an embodied agent. It came preinstalled as part of Windows 98 through Windows Vista. It was not included with Windows 7 but can be downloaded from Microsoft. It was completely discontinued in Windows 8. Microsoft Agent functionality was exposed as an ActiveX control that can be used by web pages.

The Encrypting File System (EFS) on Microsoft Windows is a feature introduced in version 3.0 of NTFS that provides filesystem-level encryption. The technology enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer.

The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It is described in RFC 6960 and is on the Internet standards track. It was created as an alternative to certificate revocation lists (CRL), specifically addressing certain problems associated with using CRLs in a public key infrastructure (PKI). Messages communicated via OCSP are encoded in ASN.1 and are usually communicated over HTTP. The "request/response" nature of these messages leads to OCSP servers being termed OCSP responders.

Windows Internet Explorer 7 (IE7) is a web browser for Windows. It was released by Microsoft on October 18, 2006. Internet Explorer 7 is part of a long line of versions of Internet Explorer and was the first major update to the browser since 2001. It is the default browser in Windows Vista and Windows Server 2008 and can replace Internet Explorer 6 on Windows XP and Windows Server 2003 but unlike version 6, this version does not support Windows NT 4.0, Windows 98, Windows 98 SE, Windows 2000, and Windows Me.

Windows Media DRM or WMDRM, is a Digital Rights Management service for the Windows Media platform. It is designed to provide delivery of audio or video content over an IP network to a PC or other playback device in such a way that the distributor can control how that content is used.

Windows Vista is an operating system produced by Microsoft as a member of the Windows NT family of operating systems for use on personal computers. Development was completed on November 8, 2006, and over the following three months, it was released in stages to computer hardware and software manufacturers, business customers and retail channels. On January 30, 2007, it was released worldwide and was made available for purchase and download from the Windows Marketplace; it is the first release of Windows to be made available through a digital distribution platform. The release of Windows Vista came more than five years after the introduction of its predecessor, Windows XP, the longest time span between successive releases of Microsoft Windows desktop operating systems.

Windows Server 2008 is the third version of the Windows Server operating system produced by Microsoft, based on Windows NT 6.0. It was released to manufacturing on February 4, 2008, and reached general availability on February 27, 2008, about 13 months after the launch of the Windows Vista operating system. Windows Server 2008 is the successor of Windows Server 2003, which is derived from the Windows XP codebase, released nearly five years earlier.

Windows Media Center (WMC) is a discontinued digital video recorder and media player created by Microsoft. Media Center was first introduced to Windows in 2002 on Windows XP Media Center Edition (MCE). It was included in Home Premium and Ultimate editions of Windows Vista, as well as all editions of Windows 7 except Starter and Home Basic. It was also available on Windows 8 Pro and Windows 8.1 Pro as a paid add-on, before being discontinued in Windows 10, although it can reportedly be unofficially reinstalled using a series of Command Prompt commands.

Windows Hardware Quality Labs testing or WHQL Testing, also known as Windows Logo Testing, is Microsoft's testing process which involves running a series of tests on third-party hardware or software, and then submitting the log files from these tests to Microsoft for review. The procedure may also include Microsoft running their own tests on a wide range of equipment, such as different hardware and different Microsoft Windows editions.

The Microsoft Windows platform specific Cryptographic Application Programming Interface is an application programming interface included with Microsoft Windows operating systems that provides services to enable developers to secure Windows-based applications using cryptography. It is a set of dynamically linked libraries that provides an abstraction layer which isolates programmers from the code used to encrypt the data. The Crypto API was first introduced in Windows NT 4.0 and enhanced in subsequent versions.

BitLocker is a full volume encryption feature included with Microsoft Windows versions starting with Windows Vista. It is designed to protect data by providing encryption for entire volumes. By default, it uses the AES encryption algorithm in cipher block chaining (CBC) or XTS mode with a 128-bit or 256-bit key. CBC is not used over the whole disk; it is applied to each individual sector.

There are a number of security and safety features new to Windows Vista, most of which are not available in any prior Microsoft Windows operating system release.

Microsoft Silverlight is a deprecated application framework for writing and running rich Internet applications, similar to Adobe Flash. A plugin for Silverlight is still available for some browsers. While early versions of Silverlight focused on streaming media, later versions supported multimedia, graphics, and animation, and gave support to developers for CLI languages and development tools. Silverlight was also one of the two application development platforms for Windows Phone, but web pages using Silverlight did not run on the Windows Phone or Windows Mobile versions of Internet Explorer, as there was no Silverlight plugin for Internet Explorer on those platforms.

Microsoft started development on the .NET Framework in the late 1990s originally under the name of Next Generation Windows Services (NGWS). By late 2001 the first beta versions of .NET 1.0 were released. The first version of .NET Framework was released on 13 February 2002, bringing managed code to Windows NT 4.0, 98, 2000, ME and XP.

References

1 2 Lambert, John (March 2001). "Introducing CAPICOM". Microsoft Developer Network . Microsoft Corporation. Retrieved 22 April 2011.
↑ Magencio, Alejandro Campos (19 October 2007). "CAPICOM support on Windows Vista". Decrypt my World. MSDN Blogs . Microsoft Corporation. Retrieved 22 April 2011.
↑ "CAPICOM Versions". Microsoft Developer Network. Microsoft Corporation. 19 April 2011. Retrieved 22 April 2011.
↑ "MS07-028: Vulnerability in CAPICOM could allow remote code execution". Microsoft Support Knowledge Base. Microsoft Corporation. 8 January 2017. Retrieved 18 January 2018.
↑ "Alternatives to CAPICOM (Windows)". Microsoft Developer Network. Microsoft Corporation. 19 April 2011. Retrieved 22 April 2011.
↑ "CAPICOM not in Windows 7". Microsoft Developer Network. Microsoft Corporation. 18 January 2009. Retrieved 13 November 2014.

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

This Microsoft Windows article is a stub. You can help Wikipedia by expanding it.

This article related to Microsoft is a stub. You can help Wikipedia by expanding it.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[CAPICOM-Intro-1] 1 2 Lambert, John (March 2001). "Introducing CAPICOM". Microsoft Developer Network . Microsoft Corporation. Retrieved 22 April 2011.

[2] Magencio, Alejandro Campos (19 October 2007). "CAPICOM support on Windows Vista". Decrypt my World. MSDN Blogs . Microsoft Corporation. Retrieved 22 April 2011.

[3] "CAPICOM Versions". Microsoft Developer Network. Microsoft Corporation. 19 April 2011. Retrieved 22 April 2011.

[4] "MS07-028: Vulnerability in CAPICOM could allow remote code execution". Microsoft Support Knowledge Base. Microsoft Corporation. 8 January 2017. Retrieved 18 January 2018.

[5] "Alternatives to CAPICOM (Windows)". Microsoft Developer Network. Microsoft Corporation. 19 April 2011. Retrieved 22 April 2011.

[6] "CAPICOM not in Windows 7". Microsoft Developer Network. Microsoft Corporation. 18 January 2009. Retrieved 13 November 2014.

[1]

[2]

[3]

[4]

[5]

[6]

v t e Microsoft APIs and frameworks
Graphics	Desktop Window Manager Direct2D Direct3D D3D (extensions) GDI / GDI+ WPF Silverlight WinRT XAML Windows Color System Windows Image Acquisition Windows Imaging Component DirectX Graphics Infrastructure (DXGI) Windows Advanced Rasterization Platform WinG
Audio	DirectMusic DirectSound DirectX plugin XACT Speech API XAudio2
Multimedia	DirectX Media Objects Video Acceleration Xinput DirectInput DirectShow Image Mastering API Managed DirectX Media Foundation XNA Windows Media Video for Windows
Web	MSHTML RSS Platform JScript VBScript BHO XDR SideBar Gadgets TypeScript
Data access	Data Access Components (MDAC) ADO ADO.NET ODBC OLE DB Extensible Storage Engine Entity Framework Sync Framework Jet Engine MSXML OPC
Networking	Winsock LSP Winsock Kernel Filtering Platform NDIS Windows Rally BITS P2P API MSMQ MS MPI DirectPlay
Communication	Messaging API Telephony API WCF
Administration and management	Win32 console Windows Script Host WMI (extensions) PowerShell Task Scheduler Offline Files Shadow Copy Windows Installer Error Reporting Event Log Common Log File System
Component model	COM COM+ ActiveX Distributed Component Object Model .NET Framework
Libraries	Framework Class Library Microsoft Foundation Classes (MFC) Active Template Library (ATL) Windows Template Library (WTL)
Device drivers	WDM WDF KMDF UMDF WDDM NDIS UAA BDA VxD
Security	Crypto API CAPICOM Windows CardSpace Data Protection API Security Support Provider Interface (SSPI)
.NET	ASP.NET ADO.NET Remoting Silverlight TPL WCF WCS WPF WF
Software factories	EFx Factory Enterprise Library Composite UI CCF CSF
IPC	MSRPC Dynamic Data Exchange (DDE) Remoting WCF
Accessibility	Active Accessibility UI Automation
Text and multilingual support	DirectWrite Text Services Framework Text Object Model Input method editor Language Interface Pack Multilingual User Interface Uniscribe