ActiveX is a set of object-oriented programming (OOP) technologies and tools that Microsoft developed for Internet Explorer to facilitate rich media playback. Essentially, Internet Explorer uses ActiveX to load other software applications in the browser.
Programmers writing for ActiveX create components, self-sufficient programs that can be run by the Windows operating system. The components, which are known as ActiveX controls, are roughly equivalent to Java applets.
One of the main advantages of ActiveX components is that they can be re-used by many applications (referred to as component containers). Unfortunately, that also means that the component can be re-used by an attacker to run malicious code and gain access to critical files.
Because so many ActiveX controls have turned out to be malicious, Microsoft designed Internet Explorer 7 so that it displays a warning every time a site attempts to use an ActiveX control. It's up to the user to decide whether or not the request comes from a trustworthy source.
Expert Brian Posey explains how Per-Site Active X and Data Execution Prevention will help keep Internet Explorer 8 safe from ActiveX exploits.
Continue Reading About ActiveX
- You can download a number of freeware or shareware ActiveX controls from download.com's ActiveX page .
- Microsoft provides a detailed example of how to build a distributed application using ActiveX and DCOM .