Some of us may have heard that using the ActiveX components in Microsoft IE is a bad idea. The overall system design has a very bad reputation. This notion makes sense because there’s a real hole within the security system of a user’s local computer. If you change the security level in IE (allow create and execute ActiveX components) then your system can be compromised and some random code can be executed on your system.

However, this risk could be controlled. In IE, you can create a list of “trusted” sites and apply your special security settings only to this list of sites. In other words, you allow ActiveX component only when you visit one of the trusted sites. Moreover, you can set up and control these security settings by using your company’s security group policies.

The firm’s intranet sites with corporate Web applications are the most probable candidates to be included into the list of “trusted” sites. If you control IE security settings and use ActiveX in your Web application on a “browser” side, it gives you a really powerful tool to create rich Web applications.

ActiveX can be used as a bridge between your Web application and software or even hardware on your workstation.

Basically, you can do the following from your Web application pages: