Will Microsoft Change How ActiveX Runs in IE 8?

By Peter Galli  |  Posted 2008-03-05 Print this article Print

A security expert calls for ActiveX to be disabled from running by default, but an analyst says that won't work as PC users rely on too many such controls.

LAS VEGAS -Conspicuously absent from Microsoft's annual MIX conference here was any discussion by the software giant about whether it plans to change the way ActiveX will run in Internet Explorer 8.

Microsoft announced the first beta for IE8, the latest version of its Web browser, at the conference on March 5. The beta for IE 8 can be downloaded here.

Some security experts, like Will Dormann, a vulnerability analyst at the Carnegie Mellon Software Engineering Institute CERT/CC, are calling for ActiveX to be disabled from running by default in IE 8.

Dormann is telling IE users that they should, from a security perspective, disable ActiveX controls from running by default. "It would be nice if this is something Microsoft did with the next version of the browser," he said.

But Chris Swenson, the director of software industry analysis at the NPD Group disagrees with such a drastic approach. There are far too many Active X controls in circulation, including Flash, and many PC users rely on them, Swenson said.

"Disabling ActiveX would in many ways break the Web, especially in the areas of rich media and rich Internet application consumption. This was the fear a few years back when Microsoft was sued and the plaintiff argued that ActiveX violated their patent," Swenson told eWEEK.

"Microsoft, Macromedia and others really thought the suit might break the Web as we knew it but, thankfully, it didn't get to that point," he said.

With regard to the absence of information about whether IE 8 will include anti-malware blockers, anti-virus integration or changes to dangerous ActiveX-related defaults, Swenson said that Dean Hachamovitch, the general manager for Internet Explorer, had told him that they really wanted to focus here at MIX on the improvements to IE 8 that developers have been clamoring for.

Microsoft is trying to convey to Web developers and Web designers that it understands their pain points, especially the necessity to tweak pages to take into consideration the peculiarities of different Web browsers, Swenson said. That is why Microsoft has focused on building new features to help alleviate those issues, he said.

"By supporting CSS 2.1, HTML 5 and other Web standards in IE 8, Web designers and Web developers can spend less time tweaking their code to look good in different browsers, and more time creating great Web experiences," said Swenson.

"The integrated developer tools will, no doubt, help Web designers and developers quickly identify what might be wrong with their existing code, and help them make changes quickly and efficiently," he said.

Peter Galli has been a financial/technology reporter for 12 years at leading publications in South Africa, the UK and the US. He has been Investment Editor of South Africa's Business Day Newspaper, the sister publication of the Financial Times of London.

He was also Group Financial Communications Manager for First National Bank, the second largest banking group in South Africa before moving on to become Executive News Editor of Business Report, the largest daily financial newspaper in South Africa, owned by the global Independent Newspapers group.

He was responsible for a national reporting team of 20 based in four bureaus. He also edited and contributed to its weekly technology page, and launched a financial and technology radio service supplying daily news bulletins to the national broadcaster, the South African Broadcasting Corporation, which were then distributed to some 50 radio stations across the country.

He was then transferred to San Francisco as Business Report's U.S. Correspondent to cover Silicon Valley, trade and finance between the US, Europe and emerging markets like South Africa. After serving that role for more than two years, he joined eWeek as a Senior Editor, covering software platforms in August 2000.

He has comprehensively covered Microsoft and its Windows and .Net platforms, as well as the many legal challenges it has faced. He has also focused on Sun Microsystems and its Solaris operating environment, Java and Unix offerings. He covers developments in the open source community, particularly around the Linux kernel and the effects it will have on the enterprise.

He has written extensively about new products for the Linux and Unix platforms, the development of open standards and critically looked at the potential Linux has to offer an alternative operating system and platform to Windows, .Net and Unix-based solutions like Solaris.

His interviews with senior industry executives include Microsoft CEO Steve Ballmer, Linus Torvalds, the original developer of the Linux operating system, Sun CEO Scot McNealy, and Bill Zeitler, a senior vice president at IBM.

For numerous examples of his writing you can search under his name at the eWEEK Website at www.eweek.com.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel