What are ActiveX Controls?

ActiveX controls are pieces of executable code, usually an OCX file packed up in a Cabinet file, invoked and installed by a user through the Internet Explorer web browser. Web developers and programmers create ActiveX controls in order to add more functionality that can't easily be achieved with a simple script or standard HTML.

One key feature of an ActiveX control is the simple download and execution deployment model. The ActiveX controls are invoked and installed through the HTML object tag. It has a feature called CODEBASE, which instructs the Internet Explorer web browser where to obtain the control if it is not yet installed on the machine. In such cases, the Internet Explorer web browser downloads the installation package associated with it. It asks permission from the user for the installation through the Internet Explorer Information Bar. During the installation, the rendering page registers and invokes the control. After the installation, any user has the ability to invoke the control. The simple execution and distribution mechanism is intended to provide programmers and developers with an easy way to distribute the components to web application users. However, the problem with this method of distribution is that standard users do not have the ability to install the ActiveX controls directly because in order to completely install it, administrative privileges are needed.

Having ActiveX problems?
Use this ActiveX test tool to fix your issues.

Upon the introduction of ActiveX controls in the Internet Explorer 4.0 Web browser, the Internet was, at least in appearance, a friendlier place. Nowadays, executable codes distributed on the Internet can represent a significant threat; thus, Windows only permits users with the local administration rights to alter the policy settings. Upon the installation of ActiveX controls by the administrator, the system user can easily invoke it. While this behavior prevents the standard users from installing certain ActiveX controls, it does not really alleviate the risks to the standard users and local administrators installing them.

A common challenge in terms of ActiveX controls in corporate environments is the permission to use the ActiveX controls while alleviating the potential threats sent to the computer through non-trusted and external controls. At the end, the decision to install the ActiveX control is still left to the individual user and the rights he has. To counteract the threats, there are some organizations that block or filter the installation of ActiveX controls, while others allow the end-user to install it and attempt to manage the malware installed in the computer.

Another way to prevent the installation of bad ActiveX controls is to enforce the limited rights of the user and to ask the IT administrator to preinstall the required ActiveX controls on the desktop platform. This is very effective if the ActiveX control in use is relatively static in nature, is modified or altered using a scheduled release process in concurrence with the desktop updates, or if any software distribution mechanism, like the Systems Management Server is used by an organization.

Windows and the Windows logo are trademarks of the Microsoft group of companies.
Microsoft is a registered trademark of Microsoft Corporation in the United States and/or other countries.