Jun 22 2006, 03:27 PM
microsoft relies on trust for the security model and warns against making activex with dangerous capabilities. the responsibility, however, rests with the creator of the activex, but as in any trust model some people can choose to abuse it. available methods such as "DownLoadURL", "SaveFilePath", etc. can allow a victim's system silently download a malicious executable file to the startup folder or install spywares, adwares, etc into the system. but activeX is also used for legit purposes like installing a online virus scanner (eg. trendmicro housecall).
QUOTE
What is ActiveX?
ActiveX is a set of technologies from Microsoft that enables interactive content for the World Wide Web. Before ActiveX, Web content was static, 2-dimensional text and graphics. With ActiveX, Web sites come alive using multimedia effects, interactive objects, and sophisticated applications that create a user experience comparable to that of high-quality CD-ROM titles. ActiveX provides the glue that ties together a wide assortment of technology building blocks to enable these "active" Web sites.
ActiveX is a set of technologies from Microsoft that enables interactive content for the World Wide Web. Before ActiveX, Web content was static, 2-dimensional text and graphics. With ActiveX, Web sites come alive using multimedia effects, interactive objects, and sophisticated applications that create a user experience comparable to that of high-quality CD-ROM titles. ActiveX provides the glue that ties together a wide assortment of technology building blocks to enable these "active" Web sites.
http://www.active-x.com/articles/whatis.htm
Quote
0.0143sec
0.49
6 queries
GZIP Disabled