(no title)

It also had the nice side effect of being the security equivalent of a sucking chest wound. Flash and Java Applets were bad too (c.f. the famous Java classloader vulnerability, which could be exploited by loading a malicious applet), but they didn't seem to be nearly as bad as the horror that was ActiveX. Perhaps it was because ActiveX was intentionally designed to integrate with the host OS, or because it was more deeply integrated into the browser, but my recollection of ActiveX is that Microsoft never managed to get security right for ActiveX, and the way that ActiveX security was "solved" was by ditching ActiveX entirely.