Image uploader bug blights MySpace
ActiveX, Cancer at the heart of IE? #
Posted Friday 1st February 2008 15:10 GMT
How long before anti-virus software disables ActiveX by default? Not a week goes by without yet another ActiveX-related scare; surely by now it must be considered such a major security risk that it should be targeted by AV manufacturers as malware?
I'm well aware of the difference between ActiveX itself and scripts which use it, but what real purpose does it serve except to give blackhats a direct route into the heart of the OS? Every site has to provide alternative solutions for other browsers, so the lack of ActiveX isn't going to hurt anyone but Microsoft.
Serves them right... #
Posted Friday 1st February 2008 15:13 GMT
... for using proprietary Microsoft technology in the first place. And who uses MySpace these days anyway?
ActiveX: Insecure from the beginning #
Posted Friday 1st February 2008 20:24 GMT
"ActiveX also presents an unacceptably high security risk to any user whose browser supports ActiveX technology. It is ridiculously easy to penetrate and damage a computer running a browser that allows ActiveX applets to be executed. For this reason, we cannot recommend ActiveX as a viable applet implementation technology and we go so far as to recommend that users disable ActiveX capability within their browser -- specifically Internet Explorer."
p. 395, in "HTML, The Definitive Guide" by Chuck Musciano and Bill Kennedy. 2nd edition, May 1997 (O'Reilly, Sebastopol)
Someone beat me to it #
Posted Saturday 2nd February 2008 17:20 GMT
but to reiterate what even only mildly knowledgeable people know of ActiveX: it's a passport to the heart of your operating system and has always been unsafe, signed or not. This will be completely ignored, as it has for the last nine years, and people will continue to have the problem. You give them books and they just chew the covers off; what's the point?
Secunia "extended solution" #
Posted Monday 4th February 2008 07:07 GMT
Interesting that Secunia seems happy to scare-monger the average net user into signing up to its service. http://secunia.com/advisories/28733/
As the posts above would indicate, there will *never* be a "solution" to the ongoing ActiveX debacle, except to permanently disable such controls. Rabbitting on with M$ about setting the "kill bit" only serves to blind everyday net users with B.S. so that they meekly sign up for yet another "security" service.
How come it takes ~THREE days to get this news to me? #
Posted Monday 4th February 2008 10:56 GMT
Out here in Commie China it is the 4th of February - but:
How come it has taken ~THREE days to get the first comment on this news to me?
It isn't ONLY this story - it's every damned story from LAST week that gets similarly delayed.
Since the first person to comment on the story had that opportunity to do so THREE days ago, where's MY copy of this story been all this time? Round the Universe & back again??
My icon := "IT?" with "SH" in front of it !!



