An ActiveX Control is a specific means of implementing ActiveX technologies: a COM (Component Object Model) object designed to be downloaded and used within Web pages. Once running on a user's computer, an ActiveX Control can perform the same tasks as any other Windows application, including opening files, connecting to a network and launching other programs. Microsoft Windows ships with a number of ActiveX Controls already installed, which a Web page can invoke; alternatively, a Web page may deliver an additional ActiveX Control to the user on demand when it is required to view the site content.

An ActiveX Control, like all software, can contain vulnerabilities that attackers can exploit to gain elevated privileges on a user's system. Criminals can also create an ActiveX Control that behaves as a Trojan, virus, worm, rootkit or other malware program. A malicious ActiveX Control installed covertly on a user's system could open a back door for spyware, delete files or tamper with a legitimate ActiveX Control.

To protect users from malicious ActiveX Controls, Microsoft created a technique known as Authenticode. Authenticode enables software developers to cryptographically sign the programs they create using a digital certificate obtained from a third party. When a user encounters a Web page with an embedded ActiveX Control, Internet Explorer displays a Security Warning indicating the source. The user can then decide, with some degree of certainty, whether the application comes from a trusted source or is potentially malicious, and whether to permit it to execute. Authenticode is not a foolproof method for detecting a malicious ActiveX Control: it identifies the source, but does not guarantee that the program is safe.
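The entry notes that Windows ships with ActiveX Controls already installed and that an Authenticode signature identifies a control's publisher without vouching for its safety. The following PowerShell script, an added example that is not part of the glossary entry, shows how a defender can list the ActiveX Controls registered on a Windows machine and report each one's Authenticode status. It assumes the standard COM registration conventions: a `Control` subkey under a CLSID marks an OLE/ActiveX control, and the default value of `InprocServer32` holds the path to its DLL or OCX file. Controls registered only through component categories are not covered by this check.

```powershell
# Added example (not from the glossary entry): enumerate registered ActiveX controls
# and report their Authenticode signature status using the built-in
# Get-AuthenticodeSignature cmdlet.
# Assumptions: HKLM\SOFTWARE\Classes\CLSID\{clsid}\Control marks an OLE control and
# InprocServer32's default value is the module path (standard COM registration).

function Get-ActiveXSignatureReport {
    [CmdletBinding()]
    param(
        # Limit the output for quick checks; 0 means no limit.
        [int]$First = 0
    )

    $clsidRoot = 'HKLM:\SOFTWARE\Classes\CLSID'
    $results = foreach ($key in Get-ChildItem -Path $clsidRoot -ErrorAction SilentlyContinue) {
        # Provider-qualified path so Test-Path/Get-ItemProperty resolve it unambiguously.
        $base = "Registry::$($key.Name)"

        # Only CLSIDs with a 'Control' subkey are registered as ActiveX (OLE) controls.
        if (-not (Test-Path -Path "$base\Control")) { continue }

        $inproc = "$base\InprocServer32"
        if (-not (Test-Path -Path $inproc)) { continue }

        $rawPath = (Get-ItemProperty -Path $inproc -ErrorAction SilentlyContinue).'(default)'
        if ([string]::IsNullOrWhiteSpace($rawPath)) { continue }

        # Registry paths may be quoted and may use %SystemRoot%-style variables.
        $path = [Environment]::ExpandEnvironmentVariables($rawPath.Trim('"'))
        if (-not (Test-Path -LiteralPath $path)) {
            [pscustomobject]@{
                CLSID  = $key.PSChildName
                Path   = $path
                Status = 'FileMissing'
                Signer = $null
            }
            continue
        }

        # Authenticode check: Status says whether the signature chains to a trusted root;
        # SignerCertificate says WHO signed it, which is all Authenticode guarantees.
        $sig = Get-AuthenticodeSignature -LiteralPath $path
        [pscustomobject]@{
            CLSID  = $key.PSChildName
            Path   = $path
            Status = $sig.Status.ToString()
            Signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        }
    }

    if ($First -gt 0) { $results | Select-Object -First $First } else { $results }
}

# Usage: anything other than 'Valid' (NotSigned, HashMismatch, UnknownError, FileMissing)
# deserves a closer look. 'Valid' only identifies the publisher; it does not mean the
# control is free of vulnerabilities.
Get-ActiveXSignatureReport | Sort-Object Status, Signer | Format-Table -AutoSize
```

Run from an elevated or a standard PowerShell session (reading HKLM is permitted for standard users). The `Status` column is the point of the exercise: `HashMismatch` means the file was altered after signing, `NotSigned` means there is no publisher identity to evaluate, and `Valid` only tells you which publisher to hold accountable, mirroring the entry's caveat that Authenticode shows the source but does not guarantee safety.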