Turn off ActiveX

Another (yawn) Internet Explorer exploit

Added 2004-06-13

Another Internet Explorer security hole has surfaced:

The security firm Secunia mentioned in the article releases advisories almost on an hourly basis. They test thousands of products, and Internet Explorer is not the only one with problems. Some weeks it just seems that way.

If you're using Internet Explorer, do yourself a favour and turn off ActiveX. Yes, without ActiveX you can't see everything on some Web sites. Pity. You will need to turn ActiveX back on for Microsoft's Windows Update, which needs it to read your hard disk to see which patches you need to install.

But having a fully patched system is obviously not enough. If Microsoft uses ActiveX to write to your hard drive, so can anybody else who knows how.

Having ActiveX on is an invitation for malicious sites to do "drive-by installs" of spyware, scumware, and adware.

Turn off ActiveX. Here's how:

From Settings, Control Panel in the Start menu, or from Tools on the Internet Explorer menu bar, select Internet Options. Click on the Security tab, then the Custom Level button. Then click on the Disable options (there is more than one) for ActiveX. Don't worry, you can reset these choices if you need to.