Applauding the Death of ActiveX – Maybe

I still remember when Microsoft first introduced ActiveX in 1996. The technology was supposed to greatly simplify web applications. I even wrote ActiveX from the Ground Up to provide simplified technical information on using ActiveX (the book helped a lot of people, but some developers were looking for something a bit more technical). The idea was to extend Microsoft’s Object Linking and Embedding (OLE) technology to the Internet to make it possible to reuse code and to allow applications to share data.

The problems with ActiveX are many. The simplest of these problems is that ActiveX only works with Internet Explorer and only on Windows and Macintosh systems. The limitation means that ActiveX really doesn’t have a place with modern application development where everything has to run everywhere. However, even with this limitation, ActiveX is a security nightmare because it’s literally an invitation for anyone with any sort of code writing savvy at all to invade your system. Because these controls have complete access to your system (they don’t run in a sandbox), a hacker exploiting them can literally do anything and get by with it. Even Microsoft spent a good deal of time telling you how to protect yourself from the security issues that come with ActiveX control use. In short, using ActiveX controls are a truly horrid idea.

That’s why I’m pleased to mention that ActiveX will soon be dead—at least, from the perspective of new browser development. The new Edge browser won’t include any form of ActiveX support. Unfortunately, Internet Explorer (IE) will continue to hang around for quite a while, which means that a lot of old browsers out there will continue to represent a potential and potent security risk. On the desktop, IE11 has about 27.22 percent of the market share, IE8 13.58 percent, IE9 6.76 percent, and IE10 5.55 percent, for a total of 53.11 percent of the market. There is a high chance that someone out there has ActiveX running and that ActiveX control is causing everyone else woe.

Unfortunately, Edge won’t be available for Windows 7 and older versions of Windows, so you know that those older versions of Internet Explorer will hang around forever. Given the security risk that ActiveX represents, you’d think Microsoft would want to save itself some trouble and make Edge available for everyone. Consequently, even though ActiveX is eventually going to go away, don’t look for it to die immediately. Let me know your thoughts on Edge, ActiveX, and the potential problems with older versions of IE at John@JohnMuellerBooks.com.

 

Author: John

John Mueller is a freelance author and technical editor. He has writing in his blood, having produced 99 books and over 600 articles to date. The topics range from networking to artificial intelligence and from database management to heads-down programming. Some of his current books include a Web security book, discussions of how to manage big data using data science, a Windows command -line reference, and a book that shows how to build your own custom PC. His technical editing skills have helped over more than 67 authors refine the content of their manuscripts. John has provided technical editing services to both Data Based Advisor and Coast Compute magazines. He has also contributed articles to magazines such as Software Quality Connection, DevSource, InformIT, SQL Server Professional, Visual C++ Developer, Hard Core Visual Basic, asp.netPRO, Software Test and Performance, and Visual Basic Developer. Be sure to read John’s blog at http://blog.johnmuellerbooks.com/. When John isn’t working at the computer, you can find him outside in the garden, cutting wood, or generally enjoying nature. John also likes making wine and knitting. When not occupied with anything else, he makes glycerin soap and candles, which comes in handy for gift baskets. You can reach John on the Internet at John@JohnMuellerBooks.com. John is also setting up a website at http://www.johnmuellerbooks.com/. Feel free to take a look and make suggestions on how he can improve it.