This paper outlines the perceived threats to an organisation’s networks including the current focus of concern surrounding auto-executing code, or ‘active content’, and investigates how real these threats are in practice. It describes the two technologies of ActiveX and Java, investigating their security mechanisms and highlights some of the other methods for protecting systems against internet-borne malicious code.

For more information on active content, visit Sophos’ Web site.