McAfee 10.x...ActiveX?

Hi Howard,

ActiveX has to be turned on in IE for McAfee to download updates - so the issue then becomes is there an option to block Activex selectively.

The few times I've seen it running and tried to find a way to do just that, ended in frustration. Maybe I wasn't looking hard enough

Regards - Charles

 

Those lucky enough to be using Virusscan Enterprise don't get any of that ActiveX crap.

 

I used Mcafee with it's activeX for many many years and it never caused any kind of problem. I really believe that a lot of the malware or exploits are blown clear out of reality by word of mouth information. That is not to say that there isn't some very real and dangerous malware out there. but mcafee's use of activeX is not one of them.

 

THe original question in this thread was "Is the latest version of McAfee's VirusScan still using ActiveX?".

I have no idea what that question means.

All AV software does is examine files for viri, worms, etc.
Whether a file uses ActiveX code or whether the file is, say, an ActiveX DLL, what's that got to do with whether McAfee USES ActiveX?

McAfee might, itself, be using ActiveX DLLs to include its own code, so what, that's not an issue.

What is needed is clarification of the original question in this thread.

 

The trial also uses activex to install.There is no .exe file that you can download.You need activex to install it so i guess those that have used IE eradicator may be out of luck with mcafee products.While im sure mcafee make excellent products , there doesnt seem to be any other reason to use activex, other than for ads or promotions....unless someone else knows the answer?.
ellison

 

ActiveX is nothing else than XUL in Mozilla. It's just a programming "language" for browser extensions. If McAfee uses it, thats not really an issue since ActiveX is made by McAfee Inc. It's safe i "assume" But 3rd party unknown ActiveX plugins may pose a potential risk.

 

I think the point being made though ,is that ,you have to have activex enabled to use mcafee succesfully ,and the default setting in IE at present is to allow activex downloads ,which most people (who dont frequent forums like this) would use.It seems a little ironic to me that a great deal of spyware is installed using activex objects.... like porn diallers etc....,and yet a security firm is using that same medium, and for what exact reason ?
ellison

 

I guess heres a good example of activex insecurity?.....funnily enough involving mcafee virus scan
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=358
ellison

 

Well it doesn't matter much if you're not using IE6 for browsing.
I never bothered around ActiveX stuff that all people make so many noise, i use Firefox and sometimes Opera and had zero problems with "ActiveX" nasties.
IE6 is there but i don't use it.

 

80+ % of windows users run IE. The issue here is that a security company is, as far as I can tell, using a browser security hole to deliver ads.

Regards - Charles

 

Not so.

ALL products that interface with Office MUST use ActiveX.
But that use is within te program itself and posts no danger to anyone.

 

The point that is being missed that ActiveX objects are used by ALL programs that interface with Office.

Of course, if you disable use of ACtiveX on your system, then lots of software will be unusable.

Enabling ActiveX in IE has got nothing to do with internal use by applications.

 

Hi Howard,

Unfortunately, ActiveX in IE has to be enabled to run McAfee. So if using IE to browse, that's a potential problem. If using Firefox et al, than there may be other problems, but not that one.

I can tell from your responses that you don't run McAfee and IE to gether

Regards - Charles

 

Huh?....enabling activex in IE has everything to do with mcafee (including being able to install the 30 day trial....from thier antispyware 2006 PDF file
.........................
What are ActiveX controls?
ActiveX controls are software modules based on Microsoft's Component Object
Model (COM) architecture. They add functionality to software applications by
seamlessly incorporating pre-made modules with the basic software package.
Modules can be interchanged but still appear as parts of the original software.
On the Internet, ActiveX controls can be linked to Web pages and downloaded by
an ActiveX-compliant browser. ActiveX controls turn Web pages into software
pages that perform like any other program launched from a server.
McAfee uses ActiveX controls in its applications, and you must download the
specific ActiveX components required for each application. Once these
components are loaded, you do not need to download them again unless upgrades
or updates become available.
Unfortunately, Netscape and some CompuServe versions are not
ActiveX-compliant browsers. To use McAfee applications with Netscape or
CompuServe browsers, you must go to the McAfee Web site to automatically
download the McAfee Activator Plug-in and have Internet Explorer version 5.5 or
later installed on your computer.
NOTE
Netscape 4.0 and later versions, as well as CompuServe 5.0
and later versions, are compatible with the McAfee Activator
Plug-in.
............................................
ellison

ellison

 

I would be intrested to know whether mcafee 2005 viruscan (or other editions) when used with a non activex compliant browser or activex disabled,says its been updated when in fact it hasnt ,which is implied by a user here (post eight)....

http://www.amazon.com/gp/product/customer-reviews/B0002T889Y/103-3232771-8503801?_encoding=UTF8

If that is true then it seems to be a serious problem.Is this true and if so has it been fixed?
ellison

 

I dont know why you seem to get Ads with McAfee, but I thought you only got that kinda stuff if you signed up for the security center notification display's such as Virus alerts or special promotions! Other than that it seems strange to me, but I do understand some of the problems with the privacy + Spamkiller services installed, just look on the forums to see how much of the pain in the Ass, they can be if they are not working.

 

I guess i didnt know i had a choice , or that the last bulletin point actually meant a promotional popup.

"Access To Fully-Enabled Trial Subscriptions
Offers trial subscriptions to McAfee Security's managed world-class security products".

http://us.mcafee.com/root/product.asp?productid=msc

Also the statement ...
"Please note that Microsoft Internet Explorer 5.5 or higher is required to download and install McAfee products." is a rather ambiguous statement and suggests to me that IE is only required for installation and not continued operation.
ellison

 

I use IE, Firefox and Opera, not to mention do lots of OLE programming, so I do not disable ActiveX.

 

This thread is confusing two points.

1. Whether a particular program uses ActiveX internally. That is NOT a problem unless the program does something ITSELF to cause harm.

2. Whether a program allows other programs, not under its control, to use ActtiveX. THis is where problems can arise.

 

I agree, otherwise people who use alternative browsers would not be able to run McAfee.

Downloading it with IE only of course ensures that activex is enabled.

So one more time:

Can't download McAfee w/o IE and activex enabled.

Can't browse with IE w/o activex enabled if running McAfee.

With alternative browsers - doesn't matter if activex enabled or not since they don't use activex.

Regards - Charles

 

Only when you are using IE, it's got nothing to do with other browsers.

It's just a result of a foolish choice that McAfee makes.
Other software also cannot be downloaded without using IE.
If you are saying that McAfee won't download AV updates unless ActiveX is enabled in IE. THen disable ActiveX when not doing such downloads.

I find it hard to believe that McAfee would be so stupidly implemented.
Browsing is entirely separate from ActiveX. ActiveX would only matter if you wish to allow web sites to use ActiveX. Most sites do not require ActiveX.

 

Or put another way.
1. You cant download and install mcafee without activex enabled in an activex compliant browser
2. You cant update mcafee without activex enabled in an active x compliant browser.
3.The security centre seems to be mandatory for all home user products and also needs activex enabled in an activex compliant browser.
4.Mcafees use of activex in its security products has already caused a possible major security breach (see link in my earlier post) in Dec 2005.While all avs are suceptible to security breaches ,it still seems ironic (IMO), that mcafee would use a known medium (that much malware uses) and one that has been plauged by security problems in microsoft,hence IE7 with its new default security.
Apart from that and its promotional /ad centre , i do believe mcafee is one of the better avs for detection.
ellison

 

Kerect!

 

IE7 causing McAfee update problems

http://www.virusbtn.com/news/virus_news/2006/11_03a.xml

LOL.

For a security Company, ActiveX and Security should be an oxymoron.

 

Actually I agree with those who mentioned the use of ActiveX and its security risks are blown out of proportion. I do not think anyone here would deny ActiveX or Java could foster a bad maleware under the right conditions, but I feel with proper security software and habits, the risk is small. To me there is no difference in reference to security risks of running ActiveX, Java or any other API. All of them are designed to run code for the benefit of the user, it is only when people learn to exploit it does it become a risk. Now this means that to be safe some say you need to disable Java or ActiveX from your system. Well why not take it a step further and simply be safer and unplug the machine from the Internet? To me everything we do in life imposes some risk, but it doesn't mean we should stop living. It is just reason to be careful in what we do and how we do it. To me running ActiveX for the years I have done so and using IE as my browser have never personally had anything negative come of it. I am running the latet Mcafee right now thanks to the advice of Bigc and I have to say he was correct in that it is a good product and I am very happy with it ActiveX or not.