Mandhak i dont think its paranoia, ActiveX control which running of a html page is just not safe. It has as much the same power as an .exe. Even client side VBScript is pretty powerful and i have seen people using that to read/modify registry settings though i think that exploits has been fixed. Even IE wanrns you before downloading ActiveX,that indicates something !

But for say a intranet application it would be useful to use ActiveX to make some parts of an application accessible via web browser.

johnweidauer: what the writing in the tea shirt ! Is it the blue screen of death ?