Re: Just How bad is ActiveX

"bright" wrote:
But I'm confused to see some reports of flaws in current ActiveX
controls - sure the Control can be abused to take over the User's PC
but if a malicious website wants to take over a user's PC why don't
they use their own ActiveX control?

Exploiting vulnerabilities in installed ActiveX browser components is
just an easy way for criminals to run their code without the user
consenting or being aware of it. Why take the risk that a user might
decline to install something by making them decide? Of course, they do
that as well and people are still socially-engineered to run malware
in the form of BHOs (browser helper objects) or ordinary executable


Relevant Pages

  • ActiveX problem
    ... Everytime I start Excel it asks me if I want to run this Active X control. ... how ActiveX controls are initialized within Office applications. ... another format the link reference to the ActiveX control might not convert ...
  • RE: ActiveX as a Service with events
    ... > Have an ActiveX created in Delphi 7 and need to run it in a service by ... > If I just add the reference to the control at design time using the TLBImp ... > Private WithEvents myOCX as AxmyControl.AxmyOCX ... > Private Sub OnStart() ...
  • Re: User Controls (Active X) - Da Process
    ... ActiveX control itself. ... Interfaces), defined in other Binaries. ...
  • RE: Microsoft Baseline Security Analyzer exploit (Exposed vulnerabilities list)
    ... >security setting of the browser. ... >whether to launch ActiveX that is signed by a specific signer. ... There IS a need for low security for the rouge ActiveX control to be ... Admin downloads and runs MBSA. ...
  • Re: System.Timers.Timer() sometimes gets stuck and disappears??
    ... The activeX was blocking ... with a timeout function. ... I think that this is getting stuck at the activeX control. ... | int myValue = activeXControl1.getMyValue; ...