ActiveX is a set of Object Oriented Programming (OOP) technologies created by Microsoft. It enables software applications to share functionality and information. An ActiveX object is a self sufficient program that works only on Windows operating systems.
ActiveX was created to ensure that different applications shared the same functions. The best example of this is the spell checker ActiveX object. Instead of writing two separate programs for the spell checker, a single spell checker object was built to ensure that its functionality is shared among different Microsoft applications like Word and PowerPoint.
The ActiveX technology evolved in the form of object linking and embedding (OLE). OLE allowed simple functions like cut and paste to be shared among different applications. It later evolved into the idea of the compound object module (COM). Independent modules and applets like the spell checker are COMs or ActiveX objects that can be accessed from a Windows application.
An ActiveX control is a plug-in or a small program written in C++ and Visual Basic. Just like Java applets, ActiveX controls are small applications that run within web browsers. Programs that support such plug-ins are called ActiveX containers or component containers.
Microsoft Internet Explorer (IE) (the standard web browser for the Windows operating system) uses ActiveX controls or objects to facilitate rich media playback. This type of control in Internet Explorer allows users to watch video clips on the web page. Users do not have to launch a Windows Media Player separately to watch the clips. The pre-loaded ActiveX control accesses the Media Player’s functionality and plays the clips in the Internet Explorer browser window.
Another example of an ActiveX object is the Flash ActiveX control. Flash files can only be played by an Adobe™ Flash player. Some websites are programmed entirely with Flash, which Internet Explorer cannot play. Therefore, a Flash ActiveX component is installed to view the site. It automatically detects sites containing flash files and accesses the Flash Player to play the files directly on the browser window.
The fact that these controls can be re-used by many programs has made it more vulnerable to malicious spyware. An attacker may re-use the component to add malicious code and gain access to personal data and files. To come up with a comprehensive solution, Microsoft has added some capabilities to Internet Explorer. Whenever a site attempts to install ActiveX control, the Internet Explorer displays a warning. This means a site cannot install an ActiveX component automatically, thus ensuring your system to be secured and free from spyware.