ACTIVE X ?

Discussion in 'other software & services' started by pazuzu, May 28, 2004.

Thread Status:
Not open for further replies.
  1. pazuzu

    pazuzu Registered Member

    Joined:
    Nov 26, 2003
    Posts:
    27
    Location:
    N Z
    My pc keeps saying i cannot access certain webpages due to my active x settings being wrong ? i know this is a stupid q but id really appreciate some help running xp sp1 . Please can someone tell me the settings . thanks a lot
    Pazuzu :oops:
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,798
    Location:
    Texas
  3. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,878
    Location:
    New England
    Is the image below the IE message you are referring to?

    If that is it, then fixing it may not be something you want to do. You see, that message means that your PC is set more securely than the webpage you are viewing requires to run all the elements contained in it. That message is telling you there is at least one ActiveX control that is not being allowed to run based upon your settings in IE's > Tools > Internet Options > Security... (specifically the settings for Activex controls and plug-ins).

    While you can stop those messages from popping up by lowering your security, by doing so you would open your PC up to a whole world of possible malicious ActiveX controls. The most powerful spyware programs and dialers are installed through the use of ActiveX controls. ActiveX is a terribly powerful thing and therefore is a very dangerous and exploitable thing.

    One big problem using IE and securing it properly is that Microsoft does not allow you to prevent that warning message from coming up when an ActiveX control is blocked. It's one of the few messages that doesn't have one of those don't warning me again type check boxes, and it really ought to. Some people have speculated that Microsoft so wanted people to enable ActiveX that this message was their way of trying to annoy people into enabling it. Unfortunately, since that time up through today, ActiveX has been so widely exploited to hijack and damage systems that it really makes Microsoft look foolish for having an annoying message like that which can't be disabled.

    Interestingly enough, the tighter your security, the more of those messages you'll get while using Internet Explorer. Adding sites to your restricted zone will cause all ActiveX controls accessed from those sites to produce a popup message like that. (There are some sites where you get many such popups all at once because they are heavily loaded with ActiveX.)

    SpywareBlaster adds sites to the restricted zone, too, so it also can be a cause of some of these popups, however, it also sets kill-bits for many known bad ActiveX controls, and I believe having the kill-bit set prevents those messages from coming up, as well. So, in that regard SpywareBlaster helps to reduce the number of those alerts. A Hosts file will also prevent many of these since they entirely block many spyware related sites and therefore their ActiveX controls are never accessed.

    Many people have asked about finding a way to just prevent that popup alert window, unfortunately I don't think anyone has found one short of really hacking up IE.

    Of course, switching to a non-IE browser would solve this problem entirely.
     

    Attached Files:

  4. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    LoWaterMark is correct, however i feel i may be at a lower level of knowledge, and therefore closer to the original poster in his need for practical knowledge.

    My little summary is this: ActiveX is a Microsoft creation, and most notably it is used by Internet explorer despite a long history of security holes. My first instinct was to deactivate activex however if you do much browsing that message gets old fast. You have to decide which is more annoying the constant nagging from websites or vulnerability to activex controls executing code without your knowledge. Solution (other than just constantly adjusting settings, and answering that question...

    - Many would say download another brower like Mozilla Firefox and use it for most of your browsing (i did this for a while)

    - use spyware blaster! this is one of the only completely painless solution. what it blocks won't bother you, and it uses virtually no resources.

    - if you download the latest version of xp-Antispy it allows you a pretty painless one click activation/deactivation of activex. (that's still too hard for me :'( ).

    - other than that using IE's internet security settings is easy...but it's monotonous to continuously change them.

    - There is yet another solution (i think). It might work well for some people. create a user with no priveledges and do your browsing under that user. I believe his lack of privledges prevents much of the havoc because he basically is not authorized to be fooled into downloading and executing malware.

    Just know many legitimate sites require activeX. Many badones use it too. My current solution is to be more selective about my sites, and do backups and learn how to quickly find and remove pests. You have to be a little bit more responsible if you can't afford for your computer to be compromised. Risk assesment is sort of a guessing game where the most paranoid get the last laugh :cool:

    -HandsOff
     
  5. Ruffian

    Ruffian Guest

    I don't think this is accurate.
     
Loading...
Thread Status:
Not open for further replies.