User:Jjonespe

The Risk

With today's standards and common practices, most web browser configurations notify and prompt the user before an ActiveX control is downloaded. This can be a difficult choice when there is no guarantee or indication of what the component does or whether the web page actually requires it. Once the user accepts and the component is downloaded, it gains considerable latitude: the ActiveX control now has the same privileges as the user. This poses security risks that include reading from, and writing to, the registry; manipulation of the user's local file system; and alteration of security rights.

While there are legitimate uses that provide visual display of web content or functionally enhance the system, some ActiveX components are designed to bring about significant malicious and damaging effects. ActiveX technology has been a handy and efficient vehicle for spyware/adware distribution, as well as for the activation and even propagation of malware. Programmers can embed spyware, Trojan horses, and viruses to create rogue ActiveX technology.

A typical scenario involves surfing to a site to play a game online. On arriving at the site, the user is presented with a message stating that a download is required; in many instances, this is an ActiveX installation. In some cases, this is accompanied by a security warning dialog and possibly even a privacy policy, and typically the installation produces the expected result. However, there are other cases where the results are unexpected and certainly undesirable. Some ActiveX installations lead to a dialog prompt stating that access to a web site is required. After the connection is enabled, installations are initiated and icons appear in the system tray. The user then begins to get pop-up and pop-under advertisements that appear repeatedly and cannot be turned off without removing the unwanted software and the elements it distributed. By displaying traffic logs, we could see that certain HTTP connections to the makers of adware exist and are actually proliferating. Removal is not straightforward, as standard uninstall procedures fail to remove the problem.
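
The traffic-log review described above can be scripted to separate hosts that were already in use from hosts first contacted after the control was accepted, and to show whether requests to them are growing. This is an added example, not part of the original page; the log format, host names, install time and function names are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime
from urllib.parse import urlsplit

# Constructed sample: "<ISO time> <client> <method> <URL>"; all hosts are made up.
INSTALL_TIME = datetime(2006, 3, 1, 20, 0, 0)  # assumed moment the control was accepted
SAMPLE_LOG = """\
2006-03-01T19:58:10 10.0.0.5 GET http://games.example/play
2006-03-01T19:59:40 10.0.0.5 GET http://games.example/control.cab
2006-03-01T20:01:15 10.0.0.5 GET http://ads.adware-vendor.example/register
2006-03-01T20:03:00 10.0.0.5 GET http://games.example/play
2006-03-01T20:05:00 10.0.0.5 GET http://updates.example/check
truncated line
2006-03-01T20:12:00 10.0.0.5 GET http://ads.adware-vendor.example/popup
2006-03-01T20:15:30 10.0.0.5 GET http://ads.adware-vendor.example/popunder
2006-03-01T20:21:00 10.0.0.5 GET http://ads.adware-vendor.example/popup
2006-03-01T20:24:00 10.0.0.5 GET http://ads.adware-vendor.example/popup
2006-03-01T20:27:00 10.0.0.5 GET http://ads.adware-vendor.example/popunder
"""

def parse(log_text):
    """Yield (timestamp, host) per well-formed line; malformed lines are skipped."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        host = urlsplit(parts[3]).hostname
        if host:
            yield ts, host

def new_hosts_after(log_text, install_time, bucket_minutes=10):
    """Map each host first contacted after install_time to its requests per bucket."""
    baseline, buckets = set(), defaultdict(lambda: defaultdict(int))
    for ts, host in parse(log_text):
        if ts < install_time:
            baseline.add(host)  # already in use before the install: not attributable
        else:
            idx = int((ts - install_time).total_seconds() // (bucket_minutes * 60))
            buckets[host][idx] += 1
    return {host: [c.get(i, 0) for i in range(min(c), max(c) + 1)]
            for host, c in buckets.items() if host not in baseline}

def proliferating(series):
    """True when the latest bucket holds more requests than the host's first bucket."""
    return len(series) > 1 and series[-1] > series[0]
```

Hosts returned by `new_hosts_after` with a rising series are the ones to trace back to the installed component before attempting removal.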