Disable ActiveX for safer Web browsing

March 8, 2008 – 4:15 PM

Unfortunately, ActiveX controls are ideal tools for those who would attack your computer. Over the years, Internet Explorer has been their favored vehicle. It was built to take advantage of ActiveX controls.

These controls pose a serious security threat that outweighs their benefits. So it’s important to take steps to protect your computer and data from these threats.

You probably have encountered ActiveX controls on the Internet. Web pages that play music probably use them. ActiveX controls can also open Windows media movies or Word documents inside a browser window.

These small programs can do virtually anything. Thousands of ActiveX controls are available. And when Internet Explorer downloads them from a Web site and runs them, they have access to your computer.

Other technologies, such as Java, can also run code within a browser. But by design, Java programs have little access to Windows.

Problems with ActiveX have been a big contributor to the poor safety reputation of Internet Explorer. Firefox (http://www.mozilla.org), a free alternative Web browser, has captured a significant share of the browser market. One reason is its reputation for safety, because it does not accept ActiveX controls.

Unfortunately, you’d find life without ActiveX inconvenient. Windows Update, for instance, requires ActiveX. You can’t use Firefox to update Windows; you have to switch to Internet Explorer. That is occasionally true of other Web sites, too.

I use Firefox for safety reasons. I have installed a plug-in, IEView, that allows me to switch to Internet Explorer when necessary. This might happen when a page is optimized for Internet Explorer, and doesn’t work properly in Firefox. That could be because of ActiveX, or it might be another feature.

To find IEView, click Tools>>Extensions in Firefox. Click Get More Extensions. To use IEView, right-click the page you want to open in Internet Explorer. Select View This Page in IE.

ActiveX Controls should be set to a safe level in Internet Explorer. You can do that by using the factory settings. Click Tools>>Internet Options. Select the Security tab. Be sure the Internet zone is
selected. Click Default Level.

If you want to continue using Internet Explorer, you can turn ActiveX off altogether. To do that, click Tools>>Internet Options. Again, be sure the Internet zone is selected. Click Custom Level. You’ll find seven settings for ActiveX. Disable them all. You could set them back to Default Level when you need them.

I still prefer Firefox. It has had security concerns, but it has one big security advantage. It is not part of Windows. Internet Explorer is an integral part of Windows, making you more vulnerable. So I only use Internet Explorer on sites where I have an expectation of safety.

ActiveX is typical of older Microsoft products. Internet Explorer, and its ActiveX components, was built to maximize convenience and pleasure in surfing the Web. Less thought was given to security. Internet Explorer 7, which is under development, should certainly be safer.

In the meantime, we all have to use common sense with today’s Internet Explorer. When you use it, stay away from questionable sites, and don’t download things you don’t understand. Use a firewall and pay attention to its prompts. Keep your anti-virus and anti-spyware software updated. That should keep you out of trouble.


You must be logged in to post a comment.