Running ActiveX Controls Safely
What is an ActiveX Control?
An ActiveX control is essentially a software module that is part of Microsoft’s Component Object Model (COM) and Object Linking and Embedding (OLE) technologies. ActiveX was originally named OLE 2.0, and the name was changed several years ago. Its primary purpose is to manage documents that use multimedia components, but it can also transfer data between applications.
Using ActiveX allows simple web pages to provide the functionality of server-based applications, and the controls can be used like standard executable programs. With ActiveX technology, a website can be interactive and allow you to use tools such as online mortgage calculators or online expense tracking tools. This has made the Internet much more exciting and robust. ActiveX controls are very similar to Java applets and share common implementation characteristics. ActiveX and other technologies like it have changed how surfers experience the Internet but have also opened up a new avenue for hackers to exploit so they can cause damage or steal information.
Both Macintosh and Windows can use ActiveX controls to perform operating system functions ranging from software development tools to end-user productivity tools. However, they are usually downloaded from web pages to display animated features and to allow spreadsheets, toolbars and other features to be used interactively. Under today’s common practices and Internet standards, most web browsers prompt the user to confirm that it is OK to download an ActiveX control.
Herein lies the danger. Once the user accepts and the component is downloaded, the ActiveX control has the same privileges as the user. This poses significant security risks, including accessing and writing to the registry, access to the user’s local file system and the ability to change security settings.
Security Concerns
Legitimate uses of ActiveX provide visual display of web content or enhanced functionality to the system and make web browsing more pleasurable. Unfortunately, ActiveX technology has become an attractive vehicle for spyware, adware and malware distribution because less scrupulous programmers can embed these things in an ActiveX control for an unsuspecting user to download.
ActiveX controls for Adobe Reader, Adobe Flash Player, Apple QuickTime Player, Microsoft Windows Media Player, Real Networks RealPlayer, and Sun Java Virtual Machine are routinely used by Internet surfers every hour of the day all across the globe. The most ironic thing is that most malware, spyware and adware scanners use ActiveX technology to do their scanning.
Most web browsers can run ActiveX controls within a web page. However, only Internet Explorer and Maxthon (a very popular IE clone used extensively in Asia and catching on in the US) use them by default. Firefox, Opera and Netscape require plug-ins to run ActiveX. Macintosh’s Safari cannot run ActiveX controls.
The problem occurs when a web page containing a harmful ActiveX control is allowed to run. Basically, it is the same as running malware on the computer. All web browsers try to prevent malicious content from being executed.
What Can Malicious ActiveX Controls Do?
ActiveX controls are small pieces of programming code placed in web pages that download Windows-compatible programs onto your computer. Hackers can use malicious ActiveX controls to:
- Infect your email so they can send viruses, Trojans and worms to everyone in your email address book.
- Connect your computer to inappropriate websites that charge by the minute and run up huge bills.
- Turn your computer into a zombie computer. When the hacker has enough zombies, he uses them to launch DoS (Denial of Service) attacks on large corporate or even government networks.
Disable ActiveX in Internet Explorer and Maxthon
In Internet Explorer, select Tools -> Internet Options, select the Security tab, and click the Custom Level button. The Security Settings window will open. In Maxthon, select Options -> Internet Options, select the Security tab, and click the Custom Level button. The Security Settings window will open.
The list below contains the settings for ActiveX controls. It looks the same for both Internet Explorer and Maxthon.

Personally, I have found the above settings to work just fine for me. However, most security experts recommend you disable the Script ActiveX controls marked safe for scripting.
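The same Custom Level settings are stored in the registry and can be checked without opening the dialog. The following PowerShell audit is an added example, not part of the original article; it reads the per-user Internet zone key, and the rule that unsigned downloads and unsafe-for-scripting controls should never be plain "Enable" is an assumption of the example, not a setting taken from the article.

```powershell
# Added example: audit the Internet zone's ActiveX settings (the "Custom Level" list).
# Zone 3 is the Internet zone; value names are hexadecimal URL action IDs.
$zoneKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# URL action ID -> label shown in the Security Settings window
$actions = [ordered]@{
    '1001' = 'Download signed ActiveX controls'
    '1004' = 'Download unsigned ActiveX controls'
    '1200' = 'Run ActiveX controls and plug-ins'
    '1201' = 'Initialize and script ActiveX controls not marked as safe for scripting'
    '1405' = 'Script ActiveX controls marked safe for scripting'
}

# Policy value -> meaning
$policies = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable'; 65536 = 'Administrator approved' }

# Assumption of this example: these actions should never be plain "Enable".
$neverEnable = '1004', '1201'

function Get-ActiveXZoneAudit {
    param([string]$Path = $zoneKey)

    $values = Get-ItemProperty -Path $Path -ErrorAction Stop
    foreach ($id in $actions.Keys) {
        $raw = $values.$id
        $state = if ($null -eq $raw) { 'Not set in this key' }
                 elseif ($policies.ContainsKey([int]$raw)) { $policies[[int]$raw] }
                 else { 'Unknown (0x{0:X})' -f $raw }

        # 1405 is flagged unless disabled, following the recommendation quoted above;
        # the $neverEnable actions are flagged only when they run without a prompt.
        $review = ($id -eq '1405' -and $state -ne 'Disable') -or
                  ($neverEnable -contains $id -and $state -eq 'Enable')

        [pscustomobject]@{
            Action  = $id
            Setting = $actions[$id]
            State   = $state
            Review  = $review
        }
    }
}

Get-ActiveXZoneAudit | Format-Table -AutoSize
```

Values set by Group Policy under the Software\Policies branch take precedence over the per-user key read here, so a managed machine should be checked there as well.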
Conclusion
The primary reason Mozilla-based browsers such as Netscape and Firefox, and Macintosh’s Safari, are considered safer than Internet Explorer is the fact that they do not use ActiveX controls. However, since most web surfers want to be able to experience and use the interactive web pages defined by ActiveX controls, plug-ins have been created to install these features. As a result, they are no longer inherently safer than Internet Explorer.
While you do not want to completely disable ActiveX controls, some caution is certainly warranted.