IE has many security
options, including specific options for ActiveX controls. The options include the following
categories:
??? ActiveX Opt-In??”Allow previously unused ActiveX controls to run without
prompting (IE 7 only)
??? Allow scriptlets (IE 7 only)
220 Hacking Exposed Web 2.0
??? Automatic prompting for ActiveX controls
??? Binary and script behaviors
??? Display video and animation on a web page that does not use external media
player (IE 7 only)
??? Download signed ActiveX controls
??? Download unsigned ActiveX controls
??? Initialize and script ActiveX controls not marked as safe
??? Run ActiveX controls and plug-ins
??? Script ActiveX controls marked safe for scripting
To ensure that the proper security controls are placed on an ActiveX object, IE security
settings can be adjusted accordingly. For example, the Download Unsigned ActiveX
Controls option should always be marked as Disable. Complete the following section to
ensure adequate security is placed on IE setting for ActiveX security controls (note that
some applications may not work well if they are using proper ActiveX security):
1. Open Internet Explorer.
2. Choose Tools | Internet Options.
Pages:
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389