Check or Attack Name: Zone active scripting

The security zone settings allow script code embedded in HTML pages within the URL security zone to be able to use embedded objects (such as ActiveX or Java), provided that the applets expose properties, methods, and events. The web browser may automatically execute potentially malicious scripts.

Depending on your version, select one of the following choices in Internet Explorer:

• For Internet Explorer 4.x:

  1. Open Internet Explorer 4.x.
  2. From the View menu, select Internet Options.
  3. Click the Security tab.
  4. Select the appropriate Zone.
  5. Click Custom (for expert users).
  6. Click Settings.
  7. Disable Active scripting.
  8. Click OK twice to apply the changes.

• For Internet Explorer 5.x:

  1. Open Internet Explorer 5.x.
  2. From the Tools menu, select Internet Options.
  3. Click the Security tab.
  4. Select the appropriate Zone.
  5. Click Custom Level.
  6. In the ActiveX controls and plug-ins area, disable Script ActiveX controls marked safe for scripting.
  7. Click OK twice to apply the changes.