I've love to know a scenario where OLE is actually used today. It might have made sense in the early 90's pre-Internet & HTML computer world but really has no use today and is just a massive security hole. Seems like it should have just been completely removed (see also Vista's desktop gadgets, which were actually removed and disabled after realizing they were a huge security issue too).
The basic idea was great - copy some cells out of Excel and paste them into Word. You can put your sales statistics into your end-of-quarter report.
Then they added linking, so when the spreadsheet was updated, your report would update too. So you could make the report early, let Accounting update the spreadsheet, then just let the report auto-update.
I'm pretty sure Outlook uses the Word rendering engine. And dragging documents into Outlook is one of the ways to attach/embed a file into the email. So I'm pretty sure this still leverages that code.
I'm actually guessing this is almost everywhere. Maybe it didn't get put into Vista (where a number of security enhancements like the 2-level model aka UAC elevation got made) but it's still all over Office. I wonder if IE is impacted.
And that's great, until someone inserts a couple of rows into the range you've linked. Or moves the file. Or any one of another hundred things could happen to upset the OLE Gods.
Do not go anywhere near OLE linking... that way lies madness.
In the past I've used OLE regularly for Excel spreadsheets in AutoCAD drawings. Nothing else came close in terms of ease and reliability or standardization. OLE is a powerful technology and the complaint tastes a bit like "no one should use JavaScript because of XSS" on the palette. I mean just think what malicious input can do If passed to python in the shell.
Unrelated to Microsoft Office, I wrote a Perl utility that would run QXDM (telecom call testing software) via OLE in order to automate the initiation and answering of cellphone calls (think drive-testing or load-testing a cellular network). It was quite useful. Qualcomm, who licenses QXDM, had a fairly good reference document for the OLE interface to the program.
I don't know how much it shares w/ OLE compound documents, but OLE for Process Control (OPC, now retroactively renamed to "Open Platform Communications") is very common in multi-vendor SCADA environments.
It has a common ancestry, but OPC moved on. They are now using OPC-UA. And the usage is totally different. In OPC you do not imbed one app in another, it is a standardised protocol to get data from DCS/SCADA. But they did use DCOM up until OPC V 3.
I'm asking about the security issues. Although they usually implies bugs the only one I mentioned is the OLE packager one that generated a big security problem.
Might be misremembering, but I think there's a variant of it used heavily in industrial automation (eg factories). It was a standard that you had to buy for a significant sum of money. The friend in embedded design that told me didn't like it but many groups used it. Can't remember what it's called...
Past that, it's probably just there to make legacy software work like so many other problem-causing, Windows features. :)
I've love to know a scenario where OLE is actually used today.
Does it play no part in all of the [Clojure/Python/other langauge]-in-Excel posts that tend to get a decent number of upvotes here?
Maybe I'm mistaken about that - but it could have powered the kind of uber-notebook-in-Emacs packages that seem to be gaining popularity lately - twenty years ago.
OLE the technology is rather fundamental to custom controls and a whole load of other things. You could probably remove all OLE embedding from Word documents and not break too many use cases, but in other applications it may be more important.
