Zone ActiveX execution

Risk Level: Medium risk vulnerability  Medium

Check or Attack Name: Zone Active X execution
Platforms: Windows NT, Internet Explorer
Description:

The security zone settings allow ActiveX controls and plug-ins to be launched from the URL security zone of the HTML page that contains the control.
Remedy:

Depending on your version, select one of the following choices in Internet Explorer:

  • For Internet Explorer 4.x:

    1. Open Internet Explorer 4.x.
    2. From the View menu, select Internet Options.
    3. Click the Security tab.
    4. Select the appropriate Zone.
    5. Click Custom (for expert users).
    6. Click Settings.
    7. Disable Run ActiveX controls and plug-ins.
    8. Click OK twice to apply the changes.

  • For Internet Explorer 5.x.

    1. Open Internet Explorer 5.x.
    2. From the Tools menu, select Internet Options.
    3. Click the Security tab.
    4. Select the appropriate Zone.
    5. Click Custom Level.
    6. Disable Run ActiveX controls and plug-ins.
    7. Click OK twice to apply the changes.
References:
X-Force Logo
Know Your Risks