Check or Attack Name: IE ActiveX execution

The web browser allows ActiveX controls to be automatically executed. ActiveX controls and plug-ins may be launched directly from the HTML page that contains the control. Potentially malicious ActiveX controls or plug-ins may run without the user's approval or knowledge.

• In Internet Explorer 3.x, from the Options dialog box, go to Security and disable Enable ActiveX Controls and Plug-ins.

  1. Open Internet Explorer 3.x.
  2. From the View menu, select Options.
  3. Click the Security tab.
  4. Disable the Enable ActiveX Controls and Plug-ins option.
  5. Click OK to apply the changes.

• In Internet Explorer 5.x, from the Internet Options dialog box, go to Security and disable the appropriate settings under ActiveX controls and plug-ins.

  1. Open Internet Explorer 5.x.
  2. From the Tools menu, select Internet Options.
  3. Click the Security tab, and then click Custom Level.
  4. From the ActiveX controls and plug-ins folder, locate the advanced feature and set it to the recommended value.
  5. Click OK to apply the changes.