Wednesday, February 8, 2012

What is ActiveX? - Security Term

ActiveX is a series of computer program distribution and runtime technologies. Developed by Microsoft, ActiveX technologies have been incorporated into almost all of Microsoft's products released in recent years including Windows, Word, Excel, and Internet Explorer. ActiveX-enabled programs can embed features found in other enabled programs, and can incorporate new features within an ActiveX component. For instance, Internet Explorer can open an Excel spreadsheet via ActiveX object linking, and incorporate all the features of Excel within itself. Similarly web designers who wish to incorporate a features not implemented within any of Microsoft's products can write the features as an ActiveX component in any programming language that support it.

ActiveX is a development of Microsoft's Object Linking and Embedding technology. Originally designed to facilitate the copying of non-text objects via Windows' built-in clipboard, OLE was extended to all Microsoft products that support the clipboard. Objects such as pictures, sound, spreadsheets, and more can be embedded in other document types. OLE is itself a manifestation of Dynamic Data Exchange, the original clipboard architecture. The major limitation of OLE that ActiveX overcomes is the fact that OLE can only copy user data between applications, whereas ActiveX can copy executable code. Of course, this requires that the code to be copied actually be present on the system: Excel spreadsheets will not display in Internet Explorer if Excel itself is not installed.

The inclusion of ActiveX controls in Internet Explorer has led to hundreds of security threats regarding the browser, many of which are quite serious. ActiveX was enabled by default on all supported IE versions prior to Windows SP2. As IE is an integral part of the Windows operating system, ActiveX components running in IE had access to most of the running system. This was often exploited, and much of today's malware has been distributed this way. However, disabling ActiveX in Internet Explorer leads to problems with legitimate webpages that depend upon embedding objects this way, such as those presenting Flash or QuickTime movies.

source: what-is-what.com

No comments:

Post a Comment

Once you submit the comment, please wait for its approval. Sooner or later your comment will show up so do not comment twice.