ActiveX was developed by Microsoft as an alternative to Java applets. Therefore an ActiveX Control is very similar to a Java applet. ActiveX Controls do have one advantage over a Java applet however. Unlike a Java applet, an ActiveX Control has full access to the Windows operating system. Because of this, ActiveX Controls have much more power than a Java applet, but there are also increased security risks as a result of this additional access. In an attempt to address the increased security risk of an ActiveX Control, Microsoft created an electronic signature system so that a web browser could identify and validate ActiveX Controls before downloading them. The one downfall to an ActiveX Control is that it can only work in Windows operating systems and therefore is unavailable to Linux and other operating system users.

The biggest downfall to ActiveX is that it relies entirely on the end user to make decisions about whether or not a specific ActiveX Control can be trusted. The internet browser will identify and verify the ActiveX Control using an electronic signature. But once it has done that, the end user is prompted with the information and asked if they would like to allow the ActiveX Control to run.

If the programmer of the ActiveX Control is trusted, there is no inherent danger in an ActiveX Control. However, if the author of the ActiveX Control is not trusted, he or she may have created an ActiveX Control that contains malicious code, making an ActiveX Control very dangerous for your system. The biggest problems usually occur when an Internet Explorer user configures their web browser to accept ActiveX Controls from un-trusted websites. Malicious ActiveX Controls are a very common way for hackers to distribute malicious software, and therefore, an internet user should be very careful about the ActiveX Controls that they accept. To help protect from this, a computer user could use a different web browser that does not use the Trident rendering engine.

An ActiveX Control is just a glorified COM object, so there are many different ways that they can be written. Using Microsoft Foundation Classes is a method that is usually not recommended because the MFC DLLs are too large. Using Active Template Library on the other hand, is the most used method fro writing ActiveX Controls and is also the simplest way. Writing an ActiveX Control using C or C++ is the most difficult way and requires lots of supporting code in order for it to work correctly. For this reason, this method is not used very often. Finally, ActiveX Controls can be written in programming languages that support COM. An example of this would be Visual Basic.