ActiveX Errors

Background of ActiveX Controls

Before tackling ActiveX, I need to say just a little about the general way programs are designed these days. A lot of use is made of what the programmers call objects. These are individual modules designed to carry out specific tasks or functions. They can then be plugged into any program that has an interface set up to communicate with them. In this way, a set of objects can be used as building blocks to modify and augment a variety of programs. Thus, a single separate entity can provide functionality for many different programs. In this way, programs do not have to keep reinventing the wheel but can call on an object for implementing some particular procedures. Microsoft has been a leader in this way of doing things.

What ActiveX controls do

“ActiveX” is a name probably dreamed up by the marketing people at Microsoft. It has as much intrinsic meaning as “cougar” does for a make of automobile. It refers to a somewhat loosely defined group of methods developed by Microsoft for sharing information and functionality among programs. One of these technologies is called “ActiveX controls.” These are objects that are like small programs or “applets” and a number of Microsoft programs like Office and Internet Explorer (IE) are designed to be able to interact with them. An example is a spell checker. Since Word comes with a spell checker, other Microsoft programs such as Outlook Express can make use of it. In fact, any program with the appropriate interface can use this spell checker.

This built-in interactivity between various components and programs leads to greatly increased versatility and flexibility. Furthermore, programmers can easily create new ActiveX controls with Visual Basic , C++, and other programming languages. One place where ActiveX controls are very common is in Internet Explorer. An ActiveX control can be automatically downloaded and executed by Internet Explorer. Once downloaded, an ActiveX control in effect becomes part of the operating system. For example, IE cannot read PDF files by itself but can do so with an ActiveX control from Adobe. Similarly, IE needs a control to display Flash.

Security problems

The interactivity and ease of programming of ActiveX controls has a price and these controls are a major source of security problems. Sad to say, unscrupulous types have taken advantage of the ActiveX control technology to place malware on unwary computer users. A lot of spyware and adware is downloaded as ActiveX controls. Microsoft tightened up the security in Windows XP Service Pack 2 and then some more in Internet Explorer 7 but security issues remain. Careful attention to what you download and configuring the ActiveX settings in Internet Explore for greater safety will go a long way towards obviating problems. Support for ActiveX by Internet Explorer can be completely disabled but that breaks useful functions as well as blocking malware. For more details on the security settings for ActiveX in Internet Explorer see this table listing the different zone settings as well as a tutorial on configuring IE. ActiveX is a useful technology and the trick is to find the right balance between convenience and security that is appropriate to your usage patterns and technical skills.

Because of ActiveX problems, many security-conscious computer users are switching from Internet Explorer to browsers that do not support ActiveX such as Firefox, Opera, and Netscape. Go here for a discussion of what is involved in switching to the Firefox browser.

For a more benign view of ActiveX, see this article by Larry Seltzer.

Leave a Reply

Your email address will not be published. Required fields are marked *