3. Select the Security tab, highlight the Internet web zone, and click Custom Level.
4. Scroll down to ActiveX Controls and Plug-ins, and change the ActiveX options
to match the following:
??? ActiveX Opt-In??”Allow previously unused ActiveX controls to run without
prompting (IE7 only): Disable
??? Allow Scriptlets (IE7 only): Disable
??? Automatic prompting for ActiveX controls: Enable
??? Binary and script behaviors: Enable
??? Display video and animation on a web page that does not use external media
player (IE7 only): Disable
??? Download signed ActiveX controls: Prompt
??? Download unsigned ActiveX controls: Disable
??? Initialize and script ActiveX controls not marked as safe: Disable
??? Run ActiveX controls and plug-ins: Prompt
??? Script ActiveX controls marked safe for scripting: Prompt
IE has now implemented a base level for security for ActiveX controls. Unsigned
controls and controls marked for scripting/initialization, among other protections, are
now protected against.
Chapter 8: ActiveX Security 221
IE7 offers an ActiveX Opt-In list that allows a user to have a central configuration of which controls can
run silently, which require prompts, and which are disabled.
Pages:
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390