ActiveX security, other problems

Does activeX still have the horrible security problems that let malicious code see your computer, etc?
I turned it off under options (java still enabled) for security thinking this. Now I get horrible error message on sites with badly written ActiveX scripts:
Try lacss.homestead.com with activeX off, on my pc (IE only, Navigator OK) it comes up with recurring error that never goes away (and asks if I want to debug it in C as I have C++ compiler installed).

Is this just poorly written pgms? They never tested it on clients with IE with activeX off? Most web sites appear to ignore requests to fix stuff like this.
I’ve found this on other sites.