Active X control is based on ActiveX technology designed by Microsoft to enable Web browsers, such as Internet Explorer and email applications, such as Outlook, to download and run different programs from the Web. An Active X control compiles by running native instructions on your computer. The control can access all files and folders and has permission equivalent to the currently logged on user.
Benefits of ActiveX Controls
The most attracting benefit of ActiveX controls is that they enable users to easily and quickly create interactive Web pages and email messages by using an already existing components. If you search on the Internet, you can find many free and paid ActiveX components that can help you add various features to your web pages easily. Suppose that you want to create a Web page that can open PDF documents. To add the functionality, you can download, and plugin already existing ActiveX component that performs the task, to your Web page.
Drawbacks of ActiveX Controls
Although ActiveX is quite beneficial in developing interactive Web pages, there are certain inherent security vulnerabilities within it that are potentially dangerous for end-users. Because an ActiveX control on your computer has the same rights as the current user, the control can damage your computer and network to the same extent as the current user. Therefore, by downloading and installing an ActiveX control, you extend your trust to someone who you do not know and may not trust.
To check the ActiveX controls currently installed on your computer, perform the following steps:
- In the Internet Explorer window, open the Tools menu, and then select the Internet Options command.
- On the General tab, select the Settings button in the Temporary Internet files section. (IE7 users select the Settings located in the Browsing History section.)
Select the View Objects button. - To check the source of any of the installed ActiveX objects, double-click on it and check its URL displayed in the CodeBase field. If you find an ActiveX control, which you feel is not from the source you trust, delete it from the system.
Signed ActiveX Controls
A signed ActiveX control indicates that the control is authenticated by a recognized authority and has not been changed since then. Microsoft introduced the process of signing ActiveX controls to implement certain amount of security to ActiveX components. However, even this is not fool proof. There is no way of managing downloads of signed controls from unsafe sources. Once you have installed a signed control, a hacker can easily access the vulnerability within the control to install malware on your computer.
Protect Your Network from Malicious Active X Controls
You can always disable ActiveX controls by changing the Security settings of Internet Explorer. However, this defeats the main usefulness and purpose of ActiveX controls to develop interactive and user-friendly Web pages.
If you are on a computer network, you must disable ActiveX downloads on all servers and configure the firewall on the network to ensure that only authorized and approved ActiveX controls are downloaded on workstations.
You must ensure that all systems on the network are regularly updated with latest security updates and hotfixes. You must keep virus definitions of antivirus programs on all systems up-to-date and run regular scans to ensure that the entire network is free from malicious ActiveX programs, viruses, and spyware.
A good and efficient registry cleaner can also help you in dealing with malicious ActiveX components. Registry cleaners help you in scanning the system registry for all unsolicited and unsafe ActiveX control entries and removes them to enhance the security of a computer.
The security vulnerability in ActiveX controls poses a great security threat for PCs and computer networks. Although there are not many reported hacking issues related to ActiveX, you must not become complacent about them. Many critics and even Microsoft lay emphasis on security issues inherent in ActiveX controls and ask users to be vigilant about the controls they download and install on their computers. Remember, prevention is better than trying to find a cure. Do not visit unsafe Web sites, avoid opening unsolicited e-mails, regularly run antivirus and registry scans, and keep your PC updated with latest security releases to ensure that your computer is free and safe from malicious programs and hackers.