The US CERT advisory that common support tools have security problems is barely a surprise. Anything that uses ActiveX is a risk to the computer. It's no surprise that much of the malware that causes us so much grief uses it to infect victims.
While thinking that Firefox, Opera and other browser users are totally immune from bugs is a mistake, Internet Explorer's inbuilt support for ActiveX makes it by far the biggest and easiest target.
Why support companies have to use ActiveX based programs is beyond me. Given the known problems and prevalence of spyware you'd think they would avoid them. Instead they seem to rely on them.
The biggest joke is Symantec, where their Norton products are ActiveX dependent. When a Norton machine is infected with ActiveX based spyware, Norton crashes which in turn crashes the computer. To add insult to injury, the damaged system won't even let you uninstall Norton properly because, surprise, it requires ActiveX.
It's really time for ActiveX to get the flick, it's buggy, slow and vendor specific. Programmers and website designers who use it are lazy and letting down their users.
Thursday, March 01, 2007
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment