ActiveX and Java Repurposing

This article from ZDNet is primarily about a particularly subtle type of ActiveX exploit. However, the part of the story I found most interesting was the link to John Heasman's article on repurposing Java applets. I've always considered signed Java applets safe, but Heasman points out how that this assumption may be false. Interesting read.

Quote:

---

Originally Posted by slgrieb

This article from ZDNet is primarily about a particularly subtle type of ActiveX exploit. However, the part of the story I found most interesting was the link to John Heasman's article on repurposing Java applets. I've always considered signed Java applets safe, but Heasman points out how that this assumption may be false. Interesting read.

---

A signed *anything* isn't safe, the only thing that the signature tells is that the control was indeed made by THEBIGCOMPANY and not by TeHsmALlH4x0r