Internet Explorer Security Concepts
To understand how these attacks work, it’s important to understand the components and concepts Internet Explorer uses for a rich and engaging browsing experience. The two most important ideas to understand are ActiveX controls and Internet Explorer security zones.
Microsoft added ActiveX support to Internet Explorer to give developers the opportunity to extend the browsing experience. These “controls” are just small programs written to be run from within a container, usually Internet Explorer. ActiveX controls can do just about anything that the user running them can do, including access the registry or modify the file system. Yikes! Before Internet Explorer will install and run an ActiveX ...