Penguin

ActiveX is an evolution of COM technology, allowing reusable components which interact with each other. Its approach to security is very simple: any component may do whatever it wants to. There is a way to sign components (verifying that they come directly from the source they claim to be from) as well as ways to gain control over which third party components may be installed, but neither is fully reliable and both have had to have numerous implementation oversights fixed.

As such, ActiveX is a neat vector for virus distribution. Thanks Bill, we love ya...