Fact-checked by Grok 2 weeks ago

ActiveX

ActiveX is a Microsoft-developed for creating and distributing reusable, interactive software components, known as ActiveX controls, that can be embedded in web browsers, applications, and documents to enable dynamic content such as animations, multimedia, and user interface elements. Introduced in 1996 as an evolution of (OLE) technology, ActiveX builds on the (COM) to allow developers to integrate components in Windows-based platforms and applications while supporting features like scripting and server-side processing. The framework's core consists of ActiveX controls, which are COM-based objects that expose the IUnknown interface for client interaction and support additional interfaces for events, properties, and methods. These controls enable in-place activation, drag-and-drop operations, property pages for customization, and for programmatic control, all while persisting state through multiple storage interfaces. ActiveX also incorporates Active Scripts for embedding languages like Scripting Edition () or into pages, Active Documents for viewing full applications within browsers without conversion, and server frameworks for back-end integration with tools like BackOffice. Historically, ActiveX was designed to standardize interactive following the rise of the in the mid-, with over 100 companies pledging support at its launch and distribution to thousands of developers. It extended OLE controls for use by adding capabilities like progressive rendering and size optimization, making it a key enabler for rich media in early browsers like . Widely adopted in the late and early for applications, Windows software, and plugins, ActiveX controls served as building blocks for user interfaces and automation in tools like and Visual C++. However, ActiveX's reliance on code execution within browsers and applications introduced significant vulnerabilities, including risks from untrusted controls that could access system resources without sufficient safeguards. As a result, has classified ActiveX as a legacy technology, advising against its use in new development since 2015. ActiveX controls have been disabled by default in Office 2024 since 2024 and in applications since April 2025 to mitigate risks, with no automatic updates for outdated controls and limited support in modern browsers like , which provides support via compatibility mode. While some legacy support persists in mode through at least 2029, ActiveX is being phased out in favor of safer alternatives like and modern web standards.

Definition and Overview

Core Concept

ActiveX is a developed by for creating and distributing reusable software components that can be embedded within applications, enabling enhanced functionality across Windows-based environments. These components, known as ActiveX controls, allow developers to build modular elements that integrate seamlessly into host applications, such as web browsers, without requiring the full recompilation of the hosting software. Introduced in 1996 as a and initiative for existing () controls, ActiveX aimed to simplify the deployment of interactive features in . The primary purpose of ActiveX is to facilitate dynamic and interactive content delivery, particularly in early , where it enabled the incorporation of elements, animations, and user-interactive forms directly into web pages. For instance, developers could embed controls for video playback, animations, or data input forms, transforming static pages into rich, application-like experiences comparable to desktop software. This capability was especially prominent in , where ActiveX controls acted as plugins to extend browser functionality beyond basic web standards. Unlike contemporaneous technologies such as applets, which emphasized cross-platform portability through a , ActiveX prioritizes deep integration with the Windows operating system and leverages COM-based reusability for efficient component sharing across applications. ActiveX is built upon the (COM), 's foundational architecture for interoperability among software objects. This Windows-centric approach allowed for tighter performance and access to native system resources but limited its applicability outside Microsoft ecosystems.

Architectural Foundations

ActiveX represents an extension of Microsoft's Component Object Model (COM), a binary standard designed to enable software components to interact seamlessly across processes and machines while maintaining interoperability through well-defined interfaces. COM specifies object interactions using the Microsoft Interface Definition Language (MIDL), where each interface is uniquely identified by a Globally Unique Identifier (GUID), ensuring that components can be discovered and invoked without ambiguity. This binary standard allows ActiveX to support language-agnostic development, permitting components written in different programming languages to communicate via standardized marshaling and proxy/stub mechanisms. At the core of COM—and thus ActiveX—is the IUnknown interface, which every COM object must implement as its foundational base. IUnknown provides three essential methods: QueryInterface for querying support for additional interfaces, AddRef for incrementing reference counts to manage object lifetime, and for decrementing them, thereby enabling dynamic discovery and safe usage of object capabilities without prior knowledge of the full interface set. Building on this, ActiveX leverages (OLE) technologies to facilitate the embedding and linking of objects across diverse applications, particularly through compound documents that support in-place activation and data sharing. OLE's structured storage model ensures persistence and portability of embedded components, allowing them to maintain state independently within host environments. ActiveX itself comprises a collection of APIs and protocols that extend to create reusable, distributable components, optimized for scenarios like web integration and application extensibility. These components can operate as in-process servers, typically implemented as Dynamic Link Libraries (DLLs) that load directly into the client's for high performance and resource sharing, or as out-of-process servers in the form of files () that run separately to provide fault isolation via protocols. This dual-server model, rooted in OLE's framework, allows ActiveX components to expose properties, methods, and events through incoming and outgoing interfaces, respectively, while supporting self-registration in the using GUIDs for seamless deployment.

Historical Development

Origins in Microsoft Technologies

ActiveX originated from Microsoft's efforts to establish a standardized framework for component-based software development within the Windows ecosystem. In 1992, Microsoft released Windows 3.1, which integrated Object Linking and Embedding (OLE) 1.0—introduced in 1990—enabling seamless integration of documents and data across applications by allowing objects from one program to be embedded or linked into another while retaining editing capabilities. OLE 2.0, released in 1993, expanded to support more complex interactions, laying the groundwork for reusable software components. Subsequently, in 1993, Microsoft developed the Component Object Model (COM) to underpin OLE 2.0, providing a binary-standard interface for language-neutral object communication and inter-process interactions in Windows environments. COM standardized how components could be created, discovered, and invoked, facilitating modular software design without tight coupling between applications. By the mid-1990s, as the gained prominence, sought to extend these technologies to the internet to enable dynamic content delivery and compete with emerging alternatives like ' Java applets and Netscape's plugin architecture. Java, introduced in 1995, offered platform-independent code execution for interactive web experiences, while supported extensible plugins for multimedia and custom features, threatening 's dominance in desktop software. To counter this, repurposed elements of and for web use, focusing on controls that could be embedded in pages to provide rich, interactive functionality without requiring platform-specific recompilation. This strategic pivot aimed to leverage 's existing Windows developer base and integrate web enhancements directly into its ecosystem. The term "ActiveX" was coined in by Microsoft's marketing team to rebrand OLE Custom Controls (OCXs), which were previously limited in appeal mainly to developers, for broader adoption in web and multimedia applications. OCXs, as binary files implementing interfaces, allowed for reusable elements like buttons, sliders, and media players; the ActiveX branding emphasized their "active" nature for internet scenarios, encompassing not just controls but also scripting and document technologies. This rebranding occurred alongside the announcement of ActiveX Technologies on , , positioning them as an open framework for internet innovation built on standards. ActiveX was initially integrated with 3.0, released in beta form on May 29, 1996, as the primary vehicle for delivery and execution of these controls in web browsers. IE 3.0 supported the tag for embedding ActiveX components, allowing automatic download and installation, which differentiated it from manual plugin setups in competitors. This tight integration with Microsoft's browser ensured seamless deployment on Windows platforms, accelerating adoption among developers familiar with and .

Key Milestones and Evolution

ActiveX officially debuted in 1996 alongside the release of 3.0, which introduced support for embedding ActiveX controls in pages to enable more interactive web content. This launch positioned ActiveX as a key component in Microsoft's strategy to integrate (COM) technologies with internet applications, facilitating reusable software components across development environments. By the late 1990s, ActiveX reached peak adoption, especially within enterprise intranet applications, where it powered dynamic features like data visualization and custom interfaces in corporate networks reliant on Windows ecosystems. Its widespread use in business settings stemmed from seamless integration with Microsoft tools, enabling efficient deployment of intranet-based workflows and tools for internal communication and data access. In the early 2000s, ActiveX evolved through integration with the .NET Framework via interop, which allowed .NET applications to consume and expose COM-based ActiveX components, bridging legacy systems with newer managed code environments starting with .NET Framework 1.0 in 2002. This adaptation extended ActiveX's utility in hybrid development scenarios, supporting continued use in desktop and web-integrated applications. The 2001 release of brought enhancements to ActiveX security, including improved via Authenticode and the introduction of Software Restriction Policies, which allowed administrators to control the execution of unsigned or untrusted ActiveX controls more granularly. These updates aimed to mitigate risks associated with ActiveX's execution model while maintaining compatibility for enterprise deployments. Throughout the 2000s, the emergence of cross-platform web standards such as , CSS, and diminished ActiveX's prominence, as developers shifted toward open, browser-agnostic technologies that avoided platform-specific dependencies, leading to reduced relevance by 2010. This transition was accelerated by growing concerns over ActiveX's vulnerabilities and limited beyond Windows. A pivotal event occurred in 2006 when announced Silverlight at TechEd, presenting it as a cross-platform for delivering rich media and applications, effectively signaling a partial of ActiveX for scenarios in favor of this newer, more versatile , though complete phase-out remained deferred.

Key Components and Technologies

ActiveX Controls

ActiveX controls are reusable software components built on the (COM) that enable the creation of interactive elements within applications and web pages. These controls are typically packaged as binary files with the .ocx extension and serve as embeddable objects for functionalities such as command buttons, list boxes, text boxes, media players, and charts. Developers create them using tools like for rapid prototyping or the (ATL) in Visual C++ for more efficient, lightweight implementations. The creation process involves implementing COM-compliant interfaces to define the control's behavior, including properties for exposing data, methods for performing actions, and events for responding to user interactions. This ensures the control can integrate seamlessly with host environments supporting , providing a standardized way to customize appearance and functionality. Once developed, controls are compiled into .ocx files that encapsulate the necessary code for self-contained operation. In usage, ActiveX controls are embedded in HTML documents via the <OBJECT> tag, where the control's class identifier (CLSID) is specified to instantiate it dynamically within the browser or application. They support interaction with client-side scripting languages like VBScript, allowing developers to manipulate properties, invoke methods, and handle events through embedded scripts for enhanced interactivity. For distribution, ActiveX controls require installation on the target system, typically by registering the .ocx file in the using the Regsvr32.exe utility, which records the control's CLSID and interfaces for system-wide accessibility. To facilitate trusted execution, particularly in web scenarios, controls can be digitally signed with Authenticode certificates, verifying the publisher's and ensuring the to minimize warnings during and initialization.

Related ActiveX Features

Active Document technology extends the compound document capabilities of (OLE) by introducing additional interfaces for managing views and enabling full application hosting within containers such as web browsers. Unlike traditional OLE objects, which display only portions of content within a host document, Active Document servers provide the complete user interface and functionality of the source application, allowing users to interact with documents like files directly in a browser environment. This is achieved through OLE embedding mechanisms, where the container—such as —hosts multiple document types from various applications, facilitating seamless integration of full-featured documents into web pages. Active Scripting serves as a framework for integrating scripting engines into applications and controls, enabling dynamic behavior and automation within the ActiveX ecosystem. It leverages (COM) interfaces to support engines like Microsoft JScript and , allowing developers to embed scripts that interact with ActiveX components for tasks such as event handling and data manipulation. This integration enhances the interactivity of ActiveX controls by permitting runtime code execution, where scripts can respond to user actions or modify control properties without requiring recompilation of the host application. Active Accessibility, a Microsoft technology for user interface automation, ensures that ActiveX controls—particularly windowless ones—are compatible with assistive technologies for users with disabilities. It utilizes the Windows Accessibility API to expose control properties, events, and states, enabling screen readers and other tools to navigate and interact with ActiveX elements in a standardized manner. Complementing this, Active Channels, introduced as a feature in 4.0 in 1997, provided a mechanism for push-based content delivery directly to the desktop, leveraging ActiveX technologies to synchronize and display updated web content offline. This allowed content providers to schedule automatic updates, such as news feeds or personalized information, through an open webcasting architecture integrated with the browser's ActiveX framework. On the server side, Microsoft Transaction Server (MTS), released in 1996, extended ActiveX capabilities to distributed environments by providing transaction management services for COM-based components. MTS acted as a layer that hosted ActiveX components, enabling scalable, -aware applications for enterprise scenarios like and database operations. It simplified the deployment of distributed components by handling resource pooling, , and coordination, allowing developers to build robust server-side logic using familiar ActiveX development tools.

Implementation and Support

Platform Compatibility

ActiveX provides exclusive native support on Microsoft Windows operating systems, starting from onward, as it is fundamentally based on the (COM) and (DCOM), which are proprietary technologies embedded in the Windows architecture. The technology maintains full compatibility across major Windows versions, including , 2000, XP, , 7, 8, 10, and 11, enabling seamless integration in both desktop and web environments where supported. However, in versions post-Windows 10, ActiveX faces increasing restrictions, such as being disabled by default in applications like 2024 and, as of April 2025, in applications to enhance security, and requiring specific configurations like Internet Explorer Mode in for continued functionality. Cross-platform compatibility is limited to unofficial implementations, such as through Wine on and macOS, which offer partial emulation but lack comprehensive and DCOM features, often resulting in incomplete or unreliable operation. This non-portability is largely due to ActiveX's reliance on the for component registration and discovery, a mechanism absent in non-Windows environments.

Usage in Web Browsers

ActiveX controls were primarily deployed in web browsers through the HTML <OBJECT> and <EMBED> tags, enabling their embedding in (IE) pages as (COM) objects. The <OBJECT> tag specifies the control's class identifier (CLSID) and codebase for downloading, while <EMBED> provided fallback compatibility for earlier implementations. This integration allowed ActiveX to render interactive content, such as multimedia or custom elements, directly within IE's rendering engine. Support for ActiveX persists in via its mode, which emulates IE's compatibility layer for legacy web applications. The rendering process begins when a browser encounters an ActiveX reference on a webpage; if the control is not registered locally, IE prompts the user for permission to download and install it from the specified codebase URL. Upon approval, the control is installed via a cabinet (CAB) file or executable, requiring administrative privileges in some cases, and then instantiated as a COM object within the browser's process. Execution occurs in the browser's security context, with IE 10 and later versions applying sandboxing through Enhanced Protected Mode for low-integrity sites to restrict access to system resources, though this isolation is limited compared to modern web standards. ActiveX is blocked by default in modern browsers such as , Mozilla Firefox, and Apple Safari, which never provided native support and phased out plugin architectures like around 2015 for security reasons. , released in 2013, remains the last browser with full native ActiveX support, though its desktop version entered end-of-support on June 15, 2022. In enterprise environments, ActiveX usage continues as of 2025 through Edge's mode, configured via XML site lists to automatically render legacy sites requiring controls for compatibility. Following security incidents involving zero-day exploits, in October 2025 locked down access to mode by removing dedicated toolbar, context menu, and hamburger menu options; users must now enable it via settings under Default Browser ("Allow sites to be reloaded in mode") and add specific sites to the mode pages list. This mode enables controlled access to ActiveX for critical legacy applications while applying modern security policies.

Integration in Desktop Applications

ActiveX components enable the embedding of reusable controls and objects within applications, particularly those built on the Windows , to enhance user interfaces and functionality without requiring browser involvement. In applications, such as Excel and Word, developers can insert ActiveX controls like command buttons, scroll bars, and list boxes directly onto worksheets, documents, or user forms to create interactive elements. For instance, an Excel can be embedded as an ActiveX object, allowing dynamic manipulation through (VBA) code, where the OLEObjects collection's Add method programmatically places the control on a sheet. This integration supports custom UI extensions, such as adding a media player control to a PowerPoint for embedded video playback during presentations. Development tools like facilitate the creation and hosting of ActiveX controls in Win32 and applications through (COM) integration. In C++ projects using the Microsoft Foundation Classes (MFC) library, developers can add ActiveX controls via the ActiveX Control Wizard, which generates the necessary code for container support, including event handling and property exposure. For .NET-based WinForms apps, ActiveX components are referenced using the Reference Manager, enabling seamless hosting of legacy controls alongside modern UI elements, though 32-bit compatibility considerations apply for older systems. This approach allows Win32 applications to incorporate third-party ActiveX objects, such as calendar controls or data grids, for enhanced desktop productivity tools. COM automation underpins scripting and late binding of ActiveX components in desktop environments via the IDispatch , which exposes methods and properties dynamically without compile-time knowledge of the object's structure. Applications like those developed in can invoke ActiveX controls at , facilitating script-driven interactions such as automating in a custom form hosted within a larger Win32 executable. This mechanism supports interoperability in legacy software, including Visual Basic 6 (VB6) applications, where ActiveX controls are natively inserted from the toolbox to build modular, reusable in standalone executables. Beyond ecosystems, ActiveX integration appears in legacy desktop software such as older products, where controls were embedded for extended functionality in applications like , though support has diminished in modern versions. Custom VB6-based applications frequently hosted ActiveX components for tasks like network communication or , leveraging the framework's foundation to distribute functionality across processes. Active Documents, a related ActiveX feature, extend this by allowing full document embedding as interactive objects in host applications.

Security and Risks

Major Vulnerabilities

ActiveX controls, designed to run as native code within Internet Explorer and other Windows applications, inherently lack sandboxing, allowing them to execute with the full privileges of the logged-on user and access system resources without restriction. This absence of isolation enables arbitrary code execution if a control is exploited, as attackers can invoke any user-permitted actions, including file manipulation and network operations, directly on the host machine. Additionally, poorly implemented controls are prone to buffer overflows, where malformed input overflows memory buffers, leading to crashes or remote code execution vulnerabilities. Historical exploits highlight these flaws, such as the 2008 Microsoft Access Snapshot Viewer vulnerability (MS08-041), where a signed ActiveX control allowed arbitrary file downloads without user interaction, enabling malware installation via drive-by attacks. Microsoft responded by implementing kill bits—registry settings that block vulnerable controls from loading in Internet Explorer—to mitigate such threats, a measure frequently used for controls like the Yahoo! Toolbar Helper ActiveX, which suffered buffer overflows leading to denial-of-service or code execution. Another example is the 2010 Access ActiveX controls flaw (MS10-044), where improper memory handling during loading permitted remote code execution upon visiting a malicious site, potentially granting attackers full system control. Attack vectors primarily involve drive-by downloads, where malicious HTML pages exploit controls silently in the background without prompting the user, often through compromised websites or phishing emails linking to exploit kits like MPack. In the early , ActiveX served as a primary target for browser-based exploits due to its deep system integration, with vulnerabilities enabling widespread distribution via seemingly innocuous . Even signed ActiveX controls, intended to verify publisher authenticity via Authenticode, remain susceptible to exploitation, as digital signatures do not guarantee code safety and can be abused through social engineering tactics that trick users into approving installation or execution prompts. Attackers leverage this by crafting scenarios where users bypass warnings, allowing malicious signed controls to run unrestricted and compromise systems.

Security Mitigations and Best Practices

introduced Authenticode in 1996 as a code-signing technology to verify the authenticity and integrity of ActiveX controls, allowing users to confirm the publisher before installation and execution. This mechanism uses signatures to mitigate risks from unsigned or tampered controls, prompting users to trust only verified sources. In 2009, introduced , which runs the browser process with restricted privileges in the zone, limiting ActiveX controls' ability to access the or registry even if exploited. Administrative controls provide additional layers for managing ActiveX risks. settings in Windows allow administrators to disable ActiveX controls entirely or restrict their initialization across security zones, such as by enabling policies under User Configuration > Administrative Templates > Windows Components > . The killbits registry mechanism, implemented via entries in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft[Internet Explorer](/page/Internet_Explorer)\ActiveX Compatibility, blocks specific ActiveX controls by their CLSID, preventing instantiation regardless of signing status; Microsoft regularly updates these through advisories. Best practices for users emphasize caution with ActiveX deployment. Controls should only be enabled for unsigned or untrusted sources in the Trusted Sites zone via Internet Options > Security > Custom Level, and unsigned controls must be avoided to prevent unauthorized execution. Enhanced Security Configuration, enabled by default on editions since its introduction with , disables ActiveX controls and scripting in the zone to reduce exposure on administrative systems. Where possible, alternatives like modern web standards should be prioritized over ActiveX. Developers can enhance control safety by marking them as safe-for-scripting and safe-for-initialization using IObjectSafety interface implementations, ensuring they do not expose dangerous methods to scripts without validation. Essential guidelines include rigorous input validation to prevent buffer overflows or injection attacks, limiting control capabilities to necessary functions, and testing under to confirm restricted behaviors.

Deprecation and Modern Context

Timeline of Phase-Out

The phase-out of ActiveX support began in the early with enhanced security restrictions in Microsoft's web browsers. In March 2011, the release of introduced as the default for the Internet security zone, running the browser process at low integrity to limit ActiveX controls' access to the and other resources unless users explicitly allowed them. This marked an initial shift toward containing ActiveX's potential risks without fully eliminating support. A more definitive step occurred in May 2015, when announced that the new Edge browser, introduced with , would not support ActiveX controls natively. This decision was driven by the maturity of standards, which reduced the need for proprietary extensions like ActiveX, and aimed to improve cross-browser compatibility and security. ActiveX remained available in legacy mode on for enterprise compatibility, but no new features or enhancements for ActiveX in web contexts were developed thereafter. Support for ActiveX continued to wane with subsequent Windows releases. The launch of in October 2021 further marginalized ActiveX, as the operating system relies on for browsing and provides ActiveX functionality only through the deprecated mode in Edge, intended solely for legacy applications rather than new development. This compatibility layer does not receive dedicated updates for ActiveX beyond general browser security patches. In the desktop application space, accelerated the phase-out in 2024 and 2025. Starting with the October 2024 release of Office LTSC 2024, ActiveX controls were disabled by default in Win32 desktop applications such as Word, Excel, PowerPoint, and Visio, preventing their creation or interaction without user reconfiguration. This change extended to subscriptions in April 2025, where ActiveX was similarly blocked by default across the same applications to mitigate longstanding vulnerabilities. The end-of-life of on June 15, 2022, compounded these efforts, as it eliminated primary browser-based support for ActiveX in consumer environments, with no further updates provided for the standalone beyond that date, although ActiveX support continues through IE mode in . In October 2025, following zero-day vulnerabilities exploited in IE mode, Microsoft restricted access by removing quick-access options and requiring manual site configuration for , further limiting legacy ActiveX usage.

Alternatives and Legacy Impact

As modern web technologies have evolved, primary alternatives to ActiveX have emerged to provide interactive and performant components without the platform-specific dependencies and security drawbacks of Microsoft's legacy framework. For web interactivity, and standards, including APIs like , , and the , enable rich multimedia, animations, and data handling directly in browsers, offering cross-platform compatibility that ActiveX lacked. These capabilities have largely supplanted ActiveX's role in embedding dynamic content, as evidenced by their adoption in major frameworks like and for building responsive user interfaces. For performance-heavy components requiring low-level code execution, WebAssembly (Wasm) serves as a robust alternative, allowing compiled languages such as C++, Rust, or even legacy codebases to run at near-native speeds within browsers via a binary instruction format. Unlike ActiveX, which tied components to Windows environments, WebAssembly operates sandboxed and interoperates seamlessly with JavaScript, supporting use cases like complex simulations or data processing that once relied on plugins. The transition from deprecated NPAPI plugins—once a cross-browser rival to ActiveX—further underscores this shift, with modern web APIs and WebAssembly recommended as replacements to avoid obsolescence in browsers like Chrome and Firefox, where NPAPI support ended by 2015 and 2017, respectively. ActiveX's legacy has profoundly shaped enterprise software ecosystems, particularly by bolstering the endurance of the (COM) within Windows environments. Although ActiveX itself is deprecated, COM persists as a foundational technology for in 2025 and enterprise applications, enabling legacy integrations in sectors like and where refactoring is cost-prohibitive. This survival stems from ActiveX's early promotion of reusable components, which embedded COM deeply into Windows APIs and tools like , fostering a vast repository of compatible software that enterprises continue to maintain. However, ActiveX also amplified browser risks during the era, where its Windows exclusivity discouraged cross-platform development and heightened vulnerability to exploits, ultimately accelerating the push toward open web standards. Migration from ActiveX typically involves refactoring to cross-platform web standards to ensure longevity and security. Developers are advised to rewrite ActiveX-dependent logic using elements and libraries—for instance, replacing file system interactions with the File API or server-side equivalents—while leveraging tools like Edge's (IE) mode for compatibility testing of legacy controls in 2025 environments. This approach minimizes disruptions, as IE mode emulates ActiveX support for sites without requiring full browser downgrades, though full migration to standards-compliant code is essential for broader . In niche applications, ActiveX endures in air-gapped industrial systems, such as human-machine interfaces (HMIs) in and control software, where isolated networks mitigate security concerns and legacy hardware compatibility demands its use. For example, specialized ActiveX controls facilitate visualization in systems, but explicitly discourages new ActiveX development, favoring .NET or web-based alternatives to align with evolving security postures in Windows and ecosystems.

References

  1. [1]
    Microsoft Announces ActiveX Technologies - Source
    Mar 12, 1996 · ActiveX Technologies form a robust framework for creating interactive content using software components, scripts and existing applications.
  2. [2]
    ActiveX Controls - Win32 apps - Microsoft Learn
    Aug 21, 2020 · ActiveX controls technology rests on a foundation consisting of COM, connectable objects, compound documents, property pages, OLE automation ...
  3. [3]
    MFC ActiveX Controls | Microsoft Learn
    Aug 2, 2021 · An ActiveX control is a reusable software component based on the Component Object Model (COM) that supports a wide variety of OLE functionality ...
  4. [4]
    ActiveX Controls on the Internet | Microsoft Learn
    Aug 2, 2021 · ActiveX controls are updated OLE controls, used in web browsers to add functionality to web pages. They are programmable software components.<|control11|><|separator|>
  5. [5]
    ActiveX Controls Architecture - Win32 apps - Microsoft Learn
    Aug 23, 2019 · ActiveX controls are used to provide the building blocks for creating user interfaces in applications.
  6. [6]
    Out-of-date ActiveX controls - Microsoft Support
    Many ActiveX controls don't automatically update, they can become outdated as new versions are released. It's important that you keep your ActiveX controls ...
  7. [7]
    ActiveX disabled by default in Microsoft 365
    Apr 11, 2025 · ActiveX is disabled by default in Microsoft 365 to reduce security risks, as the previous setting allowed potentially dangerous controls.
  8. [8]
    ActiveX Controls | Microsoft Learn
    Aug 3, 2021 · In Visual C++ you can create ActiveX controls using MFC or ATL. Important ActiveX is a legacy technology that should not be used for new development.
  9. [9]
    ActiveX controls are disabled by default in Microsoft 365 and Office ...
    When ActiveX controls are disabled, you will not be able to create new ActiveX objects or interact with existing ones. This change applies to Word, Excel, ...
  10. [10]
    Active X is not functioning in Win 11 Edge browser - Microsoft Learn
    Jan 30, 2025 · ... ActiveX controls will continue to eb supported for the foreseeable future, but will be eventually deprecated, so it is also time to update ...
  11. [11]
    Regarding End of Support for Microsoft Web Browser Control ActiveX
    Nov 26, 2021 · IE mode supports ActiveX controls except Silverlight, which ended support on October 12, 2021. IE mode will be supported through at least 2029.
  12. [12]
    Exploring ActiveX Technology: Overview for Developers - Two Pilots
    Jan 17, 2024 · ActiveX facilitates the creation of visually appealing and interactive user interfaces. With support for multimedia elements, animations ...Missing: content | Show results with:content
  13. [13]
    How ActiveX for Animation Works | HowStuffWorks - Entertainment
    Apr 28, 2008 · ActiveX can be applied in a number of different areas, such as animation. Learn how ActiveX for animation works at HowStuffWorks.Missing: dynamic | Show results with:dynamic
  14. [14]
    ActiveX and Internet Explorer 3
    With ActiveX, web sites come alive using multimedia effects, interactive objects, and sophisticated applications that create a user experience comparable to ...Missing: early plugins
  15. [15]
    Activex Control - an overview | ScienceDirect Topics
    ActiveX controls are the functional equivalent of Java applets. They use digital certificates instead of a sandbox to provide security. Unlike Java, ActiveX is ...Missing: reusability | Show results with:reusability
  16. [16]
    What are ActiveX controls and how do they work? - TechTarget
    Dec 21, 2021 · An ActiveX control is a small program that other applications can reuse to enable the same functionality, without the extra development work.Missing: multimedia animations
  17. [17]
    Component Object Model (COM) - Win32 apps - Microsoft Learn
    Aug 21, 2020 · COM is the foundation technology for Microsoft's OLE (compound documents) and ActiveX (Internet-enabled components) technologies. Automation
  18. [18]
    April 6: Microsoft Releases Windows 3.1 | This Day in History
    Apr 6, 1992 · It also refined its OLE (Object Linking and embedding) concept, allowing users to cut and paste between applications. ©2025 Computer History ...
  19. [19]
    Module 2. Using COM in Your Windows-Based Program
    Aug 19, 2020 · COM was introduced in 1993 to support Object Linking and Embedding (OLE) 2.0. People sometimes think that COM and OLE are the same thing. This ...<|separator|>
  20. [20]
    Java and ActiveX - InfoWorld
    Java is a winner in the Internet, where heterogeneous computing is mandatory. Both Java and ActiveX have major advantages in the intranet.Missing: integration | Show results with:integration
  21. [21]
    1996: Microsoft Activates the Internet With ActiveX, JScript
    Feb 16, 2021 · ActiveX, announced in March 1996 at the PDC conference, was Microsoft's new component object model for the Web. It had been re-tooled from two ...Missing: definition | Show results with:definition
  22. [22]
    Microsoft Internet Explorer 3.0 Beta Now Available - Source
    May 29, 1996 · Internet Explorer version 3.0 beta software, the next generation of its popular World Wide Web browser and the first to support ActiveX
  23. [23]
    Microsoft Announces Decision to Transition ActiveX Technologies ...
    Jul 26, 1996 · ActiveX is an open, cross-platform set of technologies for integrating components on the Internet and has been widely adopted by corporate MIS ...
  24. [24]
    ActiveX's move looks spurious to industry watchers - InfoWorld
    Nov 1, 1996 · The Open Group intends “to manage the cross-platform evolution of ActiveX technologies, to improve interoperability with other environments ...<|separator|>
  25. [25]
    COM Interoperability in .NET Framework Applications - Visual Basic
    Mar 11, 2022 · When you want to use COM objects and .NET Framework objects in the same application, you need to address the differences in how the objects exist in memory.
  26. [26]
    .NET Interop: Get Ready for Microsoft .NET by Using Wrappers to ...
    To top off the tutorial on the interoperation of COM and .NET, the article discusses how ActiveX containers can host .NET controls, and how .NET containers can ...
  27. [27]
    [PDF] Guidance for Securing Microsoft Windows XP Systems for IT ...
    Aug 27, 2018 · Windows XP SP2 made several enhancements to the security of Outlook Express. For example, users can configure it to display received e-mail ...
  28. [28]
    Remembering ActiveX Controls, the Web's Biggest Mistake
    Mar 12, 2021 · Introduced in 1996, Internet Explorer's ActiveX controls were a bad idea for the web. They caused serious security problems and helped cement the dominance of ...
  29. [29]
    A Slow Death for ActiveX? - eWeek
    Feb 2, 2006 · This slow march away from ActiveX will probably tend to increase security generally because it will tend to make it harder for developers to get ...
  30. [30]
    Silverlight: Start Building A Deeper Experience Across The Web
    Silverlight is a browser plug-in that renders XAML, exposing its internal Document Object Model (DOM) and event model to the browser in a scriptable manner.
  31. [31]
    Enable or disable ActiveX settings in Office files - Microsoft Support
    Examples include customized applications for collecting data, viewing certain kinds of files, and displaying animation. Common uses of ActiveX controls are ...
  32. [32]
    Writing ActiveX Controls in Visual Basic versus Visual C++
    Oct 24, 2019 · In 1996, these user interface gadgets became known as ActiveX controls, and the features that constituted an OLE control (rendering, events, ...Missing: coined OCX
  33. [33]
    Embedding COM Objects in Web Pages - Win32 apps
    Aug 23, 2019 · To embed COM objects, create an instance using an OBJECT tag or script, then reference it in scripts using its ID. This only works in browsers ...
  34. [34]
    How to automate Excel from a client-side VBScript - Microsoft Learn
    Oct 21, 2021 · Use VBScript to launch Excel from a webpage. Create an HTML file with a button, then click it in Internet Explorer to automate Excel.
  35. [35]
    Register an ActiveX control manually - Visual FoxPro - Microsoft Learn
    Sep 7, 2020 · You can use the Microsoft Register Server (Regsvr32.exe) to register a 32- bit .ocx file manually on a 32-bit operating system.
  36. [36]
    Upgrading an Existing ActiveX Control - Microsoft Learn
    Nov 4, 2021 · The .ocx file and all supporting files must be on the target machine or be downloaded across the Internet. This makes code size and download ...
  37. [37]
    Microsoft Security Bulletin MS02-050 - Important
    To describe just one scenario, the attacker might create an ActiveX control that performs some malicious task, then create an Authenticode digital certificate ...<|control11|><|separator|>
  38. [38]
    Active Documents | Microsoft Learn
    Aug 2, 2021 · Active documents extend the compound document technology of OLE. These extensions are provided in the form of additional interfaces that manage views.
  39. [39]
    Active Document Servers | Microsoft Learn
    Aug 3, 2021 · Unlike OLE embedded objects (which are simply displayed within the page of another document), Active documents provide the full interface ...Missing: technology | Show results with:technology
  40. [40]
    Active Document Containers | Microsoft Learn
    Aug 2, 2021 · An active document container, such as Microsoft Office Binder or Internet Explorer, allows you to work with several documents of different application types ...Missing: technology | Show results with:technology
  41. [41]
    Add Scripting to Your Apps with Microsoft ScriptControl
    Oct 24, 2019 · Microsoft provides scripting engines for VBScript and JScript®. Because the Active Scripting mechanism is hidden behind COM interfaces, you can ...Scriptcontrol Events · Adding Code And Objects · Executing CodeMissing: JScript | Show results with:JScript
  42. [42]
    Working with Scripting Languages | Microsoft Learn
    Jun 15, 2017 · Active Server Pages comes with two scripting engines: Microsoft Visual Basic Scripting Edition (VBScript) and Microsoft JScript. You can ...Using Vbscript And Jscript... · Vbscript Comments · Jscript Comments
  43. [43]
    Windowless ActiveX Control Accessibility - Win32 apps
    Jul 14, 2025 · This section describes how to use the Windows Accessibility API to ensure that windowless Microsoft ActiveX controls are accessible.
  44. [44]
    Use MSAA to make a windowless ActiveX control accessible
    Jul 14, 2025 · Describes how to use the Microsoft Active Accessibility API to ensure that your windowless Microsoft ActiveX control is accessible to assistive technology (AT) ...
  45. [45]
    More Than 250 Leading Entertainment, Sports ... - Microsoft News
    Microsoft's preconfigured premier Active Channel technology has broad reach and appeal. “Based upon our May 1997 survey of home PC users, just the 30-plus sites ...
  46. [46]
    Top Business Information Providers Rally to Support Microsoft ...
    May 21, 1997 · With Active Channels, Microsoft goes beyond other push solutions. By using Microsoft Internet Explorer 4.0's open webcasting architecture, these ...
  47. [47]
    Oracle Services for Microsoft Transaction Server
    Microsoft Transaction Server (MTS) is used in the middle tier as an application server for COM objects and transactions in distributed environments.
  48. [48]
    Definition of Microsoft Transaction Server - PCMag
    Based on Microsoft's component software architecture (COM), MTS hosts business logic written as ActiveX Server Components. A component is written for a single ...<|separator|>
  49. [49]
    Microsoft Transaction Server Helps You Write Scalable, Distributed ...
    MTS is a component-based programming model and runtime environment for developing, deploying, and managing high-performance, scalable, and robust enterprise ...
  50. [50]
    Microsoft and Macromedia Deliver Shockwave and ActiveX To ...
    Jun 3, 1996 · Microsoft introduced ActiveX technologies in ... Windows 95 original equipment manufacturers kit and the Microsoft Internet Starter Kit.
  51. [51]
    The Component Object Model - Win32 apps - Microsoft Learn
    Aug 23, 2019 · The Microsoft Component Object Model (COM) is a platform-independent, distributed, object-oriented system for creating binary software components that can ...
  52. [52]
    COM Technical Overview - Win32 apps - Microsoft Learn
    Jan 6, 2021 · The Microsoft Component Object Model (COM) defines a binary interoperability standard for creating reusable software libraries that interact at run time.
  53. [53]
    Overview of Office LTSC 2024 - Microsoft Learn
    Apr 2, 2025 · ActiveX. In Office LTSC 2024, ActiveX controls are disabled by default. However, IT administrators can re-enable ActiveX where necessary.
  54. [54]
    Wine Announcement - The Wine development release 1.3.9 is now ...
    The Wine development release 1.3.9 is now available. What's new in this ... support for ActiveX in built-in browser. - Icons on Internet shortcut menu ...
  55. [55]
    ActiveX Controls Registry Information - Win32 apps | Microsoft Learn
    Aug 21, 2020 · The Control entry marks an object as a control. This entry is often used by containers to fill in dialog boxes.
  56. [56]
    Checking For and Embedding ActiveX Controls on Internet Explorer
    Adding an ActiveX control to a page for an IE browser requires the use of the <object> tag. Two very important attributes of the <object> tag are common to all ...
  57. [57]
    Frequently asked questions (FAQ) about Microsoft Edge in the ...
    Jul 18, 2024 · If you run web apps that use ActiveX controls, BHOs, or legacy document modes on Internet Explorer (IE) 11, you can configure them to run in IE ...
  58. [58]
    https://learn.microsoft.com/en-us/deployedge/microsoft-edge-frequently-asked-questions
  59. [59]
    Use ActiveX controls for Internet Explorer 11 - Microsoft Support
    Open Internet Explorer and go to the site you want to allow ActiveX controls to run on. Select the Blocked button on the address bar, and then select Turn off ...
  60. [60]
    Hackers Exploit Microsoft Edge's Internet Explorer Mode to ...
    Oct 13, 2025 · In August 2025, intelligence obtained by the Edge security team revealed that malicious actors were targeting IE mode to bypass Chrome-style ...
  61. [61]
    A break from the past, part 2: Saying goodbye to ActiveX, VBScript ...
    May 6, 2015 · The need for ActiveX controls has been significantly reduced by HTML5-era capabilities, which also produces interoperable code across browsers.
  62. [62]
    Internet Explorer 11 - Microsoft Lifecycle
    The Internet Explorer (IE) 11 desktop application ended support for Windows 10 semi-annual channel on June 15, 2022. Customers are encouraged to move to ...
  63. [63]
    Configure local site list for Internet Explorer (IE) mode - Microsoft Learn
    Jul 18, 2024 · This article explains how to configure easy access to Internet Explorer mode (IE mode) and allow the use of local site lists in your organization.
  64. [64]
    Microsoft Locks Down IE Mode After Hackers Turned Legacy ...
    Oct 13, 2025 · Navigate to Settings > Default Browser · Locate the option labeled Allow sites to be reloaded in Internet Explorer mode and set it to Allow ...
  65. [65]
    Using ActiveX Controls on Sheets | Microsoft Learn
    Sep 13, 2021 · To programmatically add an ActiveX control to a sheet, use the Add method of the OLEObjects collection. The following example adds a command ...Missing: OCX | Show results with:OCX
  66. [66]
    Using ActiveX Controls on Word Documents | Microsoft Learn
    Sep 13, 2021 · To add a control to the text layer, hold down the SHIFT key while you click a control on the Control Toolbox. A control that you add to the text ...
  67. [67]
    Use ActiveX Controls on Slides | Microsoft Learn
    Sep 12, 2021 · You can add controls to your slides to provide a sophisticated way to exchange information with the user while a slide show is running.<|separator|>
  68. [68]
    Using the Windows Media Player Control with Microsoft Office
    Apr 25, 2023 · This section describes how to embed the Windows Media Player 9 Series or later ActiveX control in various documents created using Microsoft Office XP.
  69. [69]
    Add an ActiveX control to a C++ project - Win32 apps | Microsoft Learn
    Oct 29, 2024 · Do you need to build control add-ins? This module discusses how to build and integrate control add-ins with JavaScript in AL.
  70. [70]
    Wizards and the Resource Editors | Microsoft Learn
    Aug 3, 2021 · For ActiveX controls programming, the ActiveX Control Wizard serves a purpose much like that of the MFC Application Wizard.
  71. [71]
    Add references in the Reference Manager - Visual Studio (Windows)
    Aug 7, 2025 · You can use the Reference Manager dialog box to add and manage references to components that you, Microsoft, or another company developed.
  72. [72]
    Troubleshoot 32-bit problems - Windows Forms | Microsoft Learn
    May 6, 2025 · Visual Studio 2022 is a 64-bit process and can't load 32-bit components, regardless of the underlying technology, such as .NET Framework, .NET, or COM\ActiveX.
  73. [73]
    Implementing the IDispatch Interface - Microsoft Learn
    May 30, 2018 · ActiveX or OLE objects can implement the IDispatch interface for access by ActiveX clients, such as Visual Basic.Missing: apps | Show results with:apps
  74. [74]
    Overview of Automation | Microsoft Learn
    May 31, 2018 · ActiveX clients can access objects using IDispatch or by calling one of the member functions in the objects's vtable. Type Libraries, A type ...
  75. [75]
    How to: Work with ActiveX Controls - Visual Basic - Microsoft Learn
    Sep 15, 2021 · ActiveX controls are COM components or objects you can insert into a Web page or other application to reuse packaged functionality someone else has programmed.Missing: VBScript | Show results with:VBScript
  76. [76]
    Change in support for Acrobat and Reader plug-ins in modern web ...
    May 24, 2023 · Adobe is committed to continuing support for IE with ActiveX and web browsers that support NPAPI. PDF display issues with web browsers that ...
  77. [77]
    SocketTools ActiveX Edition
    A suite of ActiveX controls which makes it easy to add Internet functionality to your software, with support for VB6 and VBA.
  78. [78]
    [PDF] Results of the Security in ActiveX Workshop
    Dec 21, 2000 · (This is true for any code that runs directly on your machine and not in a sandbox.) The security issues relating to ActiveX cannot be ignored.<|separator|>
  79. [79]
    ActiveX Vulnerabilities – Threat To Web Security - Zscaler
    May 18, 2009 · ActiveX controls can be automatically downloaded and executed by Internet Explorer (with user acceptance) when viewing a web page or installed ...<|separator|>
  80. [80]
    Microsoft Security Bulletin MS10-044 - Critical
    Jul 13, 2010 · A remote code execution vulnerability exists in Access ActiveX controls due to the way that multiple ActiveX controls are loaded by Internet ...Missing: sandboxing | Show results with:sandboxing
  81. [81]
    At last! Microsoft calls time on ActiveX in Office 2024 - ThreatDown
    Sep 9, 2024 · The move to disable ActiveX follows Microsoft's phased disabling of macros downloaded from the internet and Adobe's glacial retirement of Flash.
  82. [82]
    Microsoft and VeriSign Announce Availability of Digital IDs For ...
    Aug 13, 1996 · CryptoAPI 2.0 is scheduled to be available in beta in the third quarter of 1996. ... MISF technologies implemented to date are Authenticode ...Missing: history | Show results with:history
  83. [83]
    Authenticode Digital Signatures - Windows drivers - Microsoft Learn
    Jul 11, 2025 · Authenticode allows users to verify the identity of the software publisher by chaining the certificate in the digital signature up to a trusted ...Missing: ActiveX | Show results with:ActiveX
  84. [84]
    IE 8 browser changes - Win32 apps - Microsoft Learn
    Jan 7, 2021 · This mode blocks browser extensions that could pose a security risk from running and lower privilege applications from accessing higher ...
  85. [85]
    InternetExplorer Policy CSP - Microsoft Learn
    Oct 3, 2025 · If you enable this policy setting, ActiveX Filtering is enabled by default for the user. The user can't turn off ActiveX Filtering, although ...Missing: integration | Show results with:integration
  86. [86]
    Microsoft Security Advisory 3118753
    Jan 12, 2016 · Microsoft is releasing a new set of ActiveX kill bits with this advisory. These ActiveX kill bits are included in the Internet Explorer cumulative update ...Affected Software · Advisory Faq · Other InformationMissing: Yahoo toolbar 2006<|separator|>
  87. [87]
    Out-of-date ActiveX control blocking (Internet Explorer 11 for IT Pros)
    May 9, 2018 · The out-of-date ActiveX control blocking feature works with all Security Zones, except the Local Intranet Zone and the Trusted Sites Zone.
  88. [88]
    FAQ about Internet Explorer Enhanced Security Configuration (ESC)
    Internet Explorer ESC adjusts the Internet Explorer extensibility and security settings to reduce exposure to possible future security threats. These settings ...Missing: 2006 | Show results with:2006
  89. [89]
    Mark MFC ActiveX controls as Safe for Scripting and Initialization
    May 7, 2022 · This article describes how to mark MFC ActiveX controls as safe for Scripting and Initialization.
  90. [90]
    Safe Initialization and Scripting for ActiveX Controls - Techs Helps
    This document describes the code that a control developer should implement to ensure safe initialization and safe scripting for a Microsoft® ActiveX™ control.Missing: best practices
  91. [91]
    ActiveX controls are disabled by default in Microsoft 365 and Office ...
    When ActiveX controls are disabled, you will not be able to create new ActiveX objects or interact with existing ones. This change applies to Word, Excel, ...Missing: browsers Firefox Safari 2015
  92. [92]
    NPAPI deprecation: developer guide - The Chromium Projects
    We recently updated our plans to phase out support for NPAPI in early 2015. This guide provides more details about what to expect and alternatives to NPAPI.
  93. [93]
    How test ActiveX in edge internet explorer mode. - Microsoft Learn
    Oct 12, 2023 · The ActiveX controls are only supported in the Internet Explorer mode. Just go to the page that requires ActiveX content, and a message should pop out.How to configure hardening ActiveX controls in internet optionsIE mode not working for legacy intranet sites in Microsoft EdgeMore results from learn.microsoft.comMissing: Modern. | Show results with:Modern.
  94. [94]
    Industrial Gadgets ActiveX - Product Details - Software Toolbox
    The Industrial Gadgets ActiveX is a software component intended for use in development tools such as VB, VB.NET or in off-the-shelf HMI software ...