"Starkweather, Mike" <mike .
>Using the firewall to filter ActiveX and Java is like throwing out the
>baby with the bath water. This sounds more like a macro virus than a
>Internet exploit. Wouldn't it be better to treat it at the desktop
>instead of the firewall?
While Java applets can be run in a crippled "sandbox" environment I
am not aware that any such "sandbox" exists for ActiveX apps. Are you?
ActiveX apps generally get complete access to your machine under Windows 95.
This is tempered a bit under Windows NT but ActiveX apps still get the
same level of privilege(s) as other processes running as your userid
are granted -- w.r.t. access to local files, network I/O, hardware, etc.
For more information there is an article on ActiveX as a virus in the
Feb 3rd Network World (available to members of the NWFusion Web site via
URL http://www.nwfusion.com/ and DocFinder: 0526):
"ActiveX marks new virus spot" by Ellen Messmer
[and Carol Sliwa in one online version of the article]