In this post I will discuss auditing COM code. Beyond the usual vulnerabilities found in any native codebase, we will look at the COM-specific rules that a developer needs to follow. Most of the time these details are not taken care of. Most of the details are from the “Inside COM” book. Some of them are straightforward rules and some come from experience. If you have any other details, let me know by commenting on the post.