Community Newsletter: Q&A forum: 6/9/06 What are ActiveX controls and are they dangerous?

Answer:

For the most part, you really do not have to worry about ActiveX controls unless they are unsigned and scripted. They are only available on a PC version of MSIE, and are rarely found on websites anymore, except where something needs to interact with your operating system. As you pointed out, web based AV scanners are the most common places that use these, because they must have direct access to your OS.

If you have not altered your browser's security settings then you will not be able to run unsigned or scripted ActiveX controls anyway. Signed controls are verified by companies such as Verisign, that the company providing the product is in good standing and are exactly who they say they are. These signed controls are allowed to run, sometimes requiring a confirmation from you.

The ActiveX controls have always been there ... the reason you are seeing the pop up now is due to a legal requirement by MS whenever MSIE loads an object that is programmed into a webpage and the site does not adhere to a very strict coding requirement. If the page is coded properly, you will never see the pop-up and the ActiveX will simply install if it is signed and trusted.

Anyway, back to your follow up question about removing them.

First of all, if you remove them, you will have to reinstall them again to run the AV scanner you mentioned. In the case of a few McAfee products, it has to remain installed all the time or the AV won't work. Therefore, so long as the prompt came from a reputable website and company, I would actually leave them there.

Now, if you actually want to remove them, since they are just software, like anything else on your computer (they are not spyware, malware or virii) you will have to remove them manually. Ad-aware, AV scanners, etc will not take them out unless they seem to be a threat.

To remove objects from your browser (objects include ActiveX, java classes, cab files, etc) you should make sure your browser & messenger is closed and then open your control panel and choose "Internet Options". This could be done through the browser as well, but if you open the browser there is a chance that the control will get loaded and be unable to be removed while being used.

In the center "Temporary Internet Files" area, choose the "Settings" button. Next, choose the "View Objects" button. You will now be able to see any objects that have been downloaded for use on your browser. You may be surprised at how many are actually there, since this pop-up only started lately (last autoupdate) and ActiveX has been used since Windows 3.11.

Choose the objects you want to delete and delete them, simple as that.

Again, keep in mind that some are required objects, so you may want to be careful what you remove, otherwise you will have to install them again. Some places that have required ActiveX controls include any online AV scanners, Microsoft Update website has a number of ActiveX controls (but you do not get prompted because the site is coded properly), most Passport websites, Microsoft software sites use a validation control, etc etc.

I wish you luck in your endeavor, but if they are not from unknown websites, I would leave them be since they are used as part of the required software you use.

Submitted by: Glen P. of Winnipeg, MB, Canada

***********************************************************************

Answer:

ActiveX is a scripting language/library package for Internet Explorer. It's like Java in so far as you can write applications that can do various things - like as you've mentioned - scan for viruses - and of course, run Windows Update.

As for which ones are OK and which aren't, that depends largely on the TYPE of ActiveX control. They fall into two main categories.

First off, there are those you download that generally become "inert" once the application (such as the online virus scan) is complete and/or the window it's running in gets closed. They generally don't run in the background and are doing nothing more than "collecting dust" on your hard drive.

In the other category, there are occasions when you visit a web page and it wants to install something such as a toolbar that gets loaded every time you launch IE. MANY of these so called "toolbars" offer little in the way of value and come with a side order of spyware and/or adware. If you happen to notice a bunch of pop-ups after you've installed something - chances are excellent you've got infested.

The 2nd category tends to be more pernicious - requiring a bit more effort to remove as I'm sure you're probably familiar with. The first category, however, should be VERY easy to remove. First off, right-click on My Computer and select Explore. Next, right-click on your C: drive and select Properties, you should see a window pop up with a graphic of your hard drive's usage. Below and off to the right of the graphic, you should see a button marked Disk Cleanup. (Note: You can also access this by clicking on Start | All Programs | Accessories | System Tools and select the Disk Cleanup option there.)

On the disk cleanup menu, there's a list of items that you can remove - temp files, temp Internet files, recycle bin junk, and most importantly for our purposes now - "downloaded program files" or "web client/publisher temporary files". Those ActiveX files will wind up in either the Downloaded Program Files or Web Client categories. Make sure those two options are selected and click OK to proceed. That should get rid of those dormant files.

On the down side... Let's say you use Norton (or Trend Micro's or Panda's) online AV scanner on a regular basis. Having to download the components each and every time you want to scan your computer can be a hassle. More often than not, many of those files are used over again to save time and hassle downloading the thing over again. The only things that get updated are the definition files for the virus scanner.

As for which ones to allow and which ones to stop before they get a foothold on your computer... I would say that largely depends on the site itself. Antivirus scanners, Windows Update and such fall into the good to go category. Toolbars generally fall into the "not on your life" or "when hell freezes over" category.

Other sites that require some sort of ActiveX plug-in - I would take on a case by case basis. If the site has something to offer that is important to you, then you might consider it. Before going for it, you should read their privacy policy and any End User License Agreements they have available CAREFULLY - paying close attention to any and all "bonus" software they might want to install.

And I would recommend running your usual spyware suite (Ad Aware, Spybot, etc...) after you do install something just in case there are any "surprises".

Submitted by: Pete Z.

***********************************************************************

Answer:

Ok, lets start out by identifying what an activex control actually is. An activex control is a small piece of software that, when run, allows for more content distribution, and more control over your machine than what a simple web document can deliver. Activex controls were introduced in Internet Explorer my Microsoft in the late 1990's to allow web developers to enhance their abilities to deliver content and run small code on a client machine. This is, of course, a double-edged sword of sorts. While activex allows for enhanced content, it also leaves your system open to security issues. Activex controls can write to your hard disk, access your registry, delete files, download files to your computer, and so on, as opposed to Java that sits in a protected space in memory and isn't allowed to interact with other programs.

There is a layer of security added to activex. That layer is the certificate layer. Certificates are like broken promises. Anyone with a credit card number can get their activex control signed by Verisign. The important thing to know about activex is that unless you absolutely trust the distributor of the control, you should not download any activex content. A corporate virus protection site, such as Symantec, delivers safe, secure activex controls, and I wouldn't be too concerned with these, but there are more activex controls circulating the web that aren't safe, and you should always use caution when downloading them.

You can verify your security settings by clicking on Tools -> Internet Options. Click the 'Security' tab and click 'Custom Level.' From there you can turn off all activex content, or have Internet Explorer prompt you whenever activex content is ready for download. If you would like to delete activex controls that you have already installed, navigate to your 'C:\windows\downloaded program files\' folder in explorer.

Right-click those activex controls you would like to remove, and then click remove. I hope I've answered your question.

Submitted by: Joseph M.

***********************************************************************

Answer:

I actually have the same problem. When ever I open a flash page, it always happens. "ActiveX" is a name probably dreamed up by the marketing people at Microsoft. It has as much intrinsic meaning as "cougar" does for a make of automobile. It refers to a somewhat loosely defined group of methods developed by Microsoft for sharing information and functionality among programs. One of these technologies is called "ActiveX controls." These are objects that are like small programs or "applets" and a number of Microsoft programs like Office and Internet Explorer (IE) are designed to be able to interact with them. An example is a spell checker. Since Word comes with a spell checker, other Microsoft programs such as Outlook Express can make use of it. In fact, any program with the appropriate interface can use this spell checker.

This built-in interactivity between various components and programs leads to greatly increased versatility and flexibility. Furthermore, programmers can easily create new ActiveX controls with Visual Basic , C++, and other programming languages. One place where ActiveX controls are very common is in Internet Explorer. An ActiveX control can be automatically downloaded and executed by Internet Explorer. Once downloaded, an ActiveX control in effect becomes part of the operating system. For example, IE cannot read PDF files by itself but can do so with an ActiveX control from Adobe. Similarly, IE needs a control to display Flash. Microsoft delivered a long-awaited update for Internet Explorer 6 that changes the way the browser loads embedded ActiveX controls. the problem is that it had a problem in it and now you will get the active X problem. to overcome this you have to update IE 6 to a previous edition while Microsoft fixes the problem, hope this helps.

Download this:
http://www.microsoft.com/technet/prodtechnol/sms/sms2003/patchupdate.mspx

Submitted by: Joshua W.

***********************************************************************

Answer:

ActiveX controls are basically Windows programs that are designed to be downloaded through a browser (specifically, Internet Explorer, though the Mozilla variants can use ActiveX controls with a special plug-in, but that's another story.) As they are Windows programs, they can do anything Windows program can do. So the potential danger is there.

However, Microsoft DOES want you to feel safe, so ActiveX controls are now "digitally signed". Basically, the browser will contact a central server, which will vouch for the ActiveX controls' authenticity. So if your browser tells you that the controls are signed, from so-and-so company, and you recognize the name (in fact, it's supposed to provide a link to the company website and all that), it's likely safe to download. Conversely, do not download any unsigned controls, or accept any controls that do NOT pass the authenticity test. As always, safe computing involves trust, and you should only trust a source worthy of trust.

To manage ActiveX controls in use by Internet Explorer, go to control panel, Internet Options, and click on Programs tab, then look for "manage plug-ins" button at the bottom of the dialog box. That should give you a list of all plug-ins and ActiveX controls that currently reside on your PC. You may also see "Browser Help Object" and "Browser Extension" in the list. Select the control and you can then select "Disable" to deactivate it.

This is based on IE6 with latest updates. I'm not sure if they moved the stuff in IE7 beta, but it should be at a similar place.

Hope that helps.

Submitted by: Kasey C. of San Francisco, California

ActiveX itself should not be feared.

Microsoft's Windows Update is another important ActiveX site that wasn't mentioned in the featured answer.

sorry iv lost the leed to this reply
but it s about active x and the controls , you gave some advice on turning them off and on bu t in my version of iE6 under the tools there is no
Manage add ons .
I lost my ability to control active x the other night as i downloaded a product and in turn lots of widows appeared and in the end i had no more active x controls in the advance section of the tools

thanks
daak

Did you happen to go to this link yourself! Or did you purposely mistype the addy to mislead us and test our popup protection? LOL

Maybe you're talking about a Browser run on Corn Oil? But most likely you meant www.mozilla.com! But at least I found my popup blocker works!

BTW Mozilla Browser and Firfox are basicly the same!

It's OK buddy, you meant well and that's what counts here! Thanks!

I have XP Home SP 2 installed but can not find "Select Enable or Disable Add-ons" or delete box in Manage Add-ons. Perhaps this facility is only available in XP Pro. Can anyone help please?

Judesman.

there are no further options other than the Settings and Update boxes at the bottom of the window. There is no delete option. I have IE6.

Judesman.

These container excutable programs were originally designed to enrich our online experience! Some like JAVA, Javascript, XPI, and a muriad of others do not directly have OS access! For the most part these are considered safe. Because of lack of OS access and the fact that firewalls, anti-virus, anti-malware can restrict their access . But even they can have disastrous consequences when loaded from spoof and masquerading sites.

To spoof is to represent yourself from the net side as a site one would normally visit and trust! Examples include Ebay, Paypal, or even some of the AV sites that request run priviledges from you. Virtually any site can be masquerated these days and it's why even with the best protection and tools we are all still vulnerable.

Virtual Masquerating today is being done like in an email you receive perporting to be Paypal or even your bank and lots of other websites gleaned from your own web presence and the information you give the web! This is why these sites tell you to never answer an email that requests your information. We need to go to these sites directly from our own links not hyperlinks that can be spoofed and you end up at webpages that are a virtual mirror of the site you want to go to!

It's a dangerous world out there today and we need to take all the precautions we can to ensure our safety and well being! We need to maintain our freedom to roam the Internet in spite of these dangers! But with tools such as those that would appear to be innocuous, but serve none but their creators or it's corporate interests, we have a problem. And at times, no choice but to comply! Or so they might like us to believe!

Now comes the really dangerous beasts and they come from a company that with them, have complete control of your system from the outside world! With these tools they can open other programs, install other programs, scan your complete harddrive, report back any and all information it finds on your computer. The creator of these tools is of course ''Microsoft'' and the two most prevalent tools are VBS (Virtual Basic Script) and Active X!

They tell you these are needed to install updates to our OS and secure access to programs needed to protect us! But who are they protecting? Are they really required in order to do these same things they can do without complete OS and computer root access from the net side?

Yes they can! They are called downloaded excutables that you can even run with no vulnerable connection to the internet. So controlling your computer from the outside is not a Safe way of installing anything! As that very information requested in a two way conversation between computers over the Internet can be accessed mid stream on the net, resulting in Idenity Theft!

They say it can be encrypted and you are safe! Not 100%! And it depends on the encryption used and a virtual open space environment that is the Internet!

Another dangerous vulnerability being exposed more and more today are ''Root Kits''! They can be viewed as bad and they can be viewed as good and essential! For instance. When you install a Anti Virus Program or a Firewall! These are some programs that will most likely require a ''Root Kit'' for a good purpose! But today with the use of Microsoft's very own Tools, sites with this access can run programs to install ''Root Kits'' that are dangerous!

These are likely today to be things considered by the corporate world to be essential to their Safety as in the case of DRM!

DRM is legal malware control of your computer in the supposed attempt to protect themselves! Not YOU!

Active X and VBS have the power to install DRM malware that can take control of your computer and put it in remote hands! It is the ingredients of the Control you've probably seen in SciFi movies of the future, like in the movie and book ''1984''! So these days your computer is no longer YOURS! Remember this! And get the solution at the end of this post!

It belongs to whoever says they have a legitimate right to information on your machine and that unfortunitely includes RIAA, MPAA, Spoofing sites, Malware, and sites Masquerating as something they aren't! To top it off, Microsoft themselves, who think they have a vested right to control what you do with your computer and all the information garnered from the web!

Your best defense against this kind of control is to use an Operating System, that leaves all control in your hands. Without demanding that you give up YOUR rights to a safe and secure computing environment, both online and off line!

The only Operating System that fulfills this, is Linux! I know their are naysayers out there that would like to include Apple's OS-X! This operating system, although similiar in nature, is from a Proprietary Corporation and still uses DRM to protect themselves and fellow co-horts in the Corporate World. Now even motherboard chip control of your computer is at their fingertips, furnished by Corporate Big Brother Intel!!!!

Even now many motherboards are being designed to give control of your computer to outside sources as with chips designed by nVidia (chip security, ha), Intel's hardware chip DRM protection devices and many more. Even IBM, a ''Open Source'' purveyor are on the bandwagon of onboard chip surveillance technologies!

Linux! Because it is ''Open Source'' and is built on the model, that you own your computer, and you should have 100% say so as to what goes on it, is our only true Friend in this Corporate attempt to steal our constitutonal rights to privacy! Open Source today is the largest single organization made of people writing software without corporate or self interests in it's purpose. It is written by the community as a whole who's only interests is to ensure our safety and freedom above all!

Why do you think the Corporate Oligarkies are deathly afraid of it? And why do you think those very same Corporate Oligarkies use the safety and security of Linux today? Download a Free and Open Experience of Your Computing World! Many flavors are available!

Flip the Bird (penquin) to those who would control you! GET Linux-fied! You own it to yourself! Thank you!

the Microsoft Error message comes up and it won't open.

I have Windows XP GatewayDX300-Pentium D MediaCenter 2.8Ghz 175G 1G RAM SP2

Any suggestions? I'm tired of IE and downloading Trojans etc. I am constantly worried about the wrong Active X downloads.
Does Google use Foxfire?

Here's a link to the Mozilla Firefox 'Knowledge Base' that may provide some answers to this and other issues.

Firefox-MozillaZine Knowledge Base> http://kb.mozillazine.org/Mozilla_Firefox

Regards,
BigThunder1

I have 98. your instructions for deleting ActiveX; When I click Tools and do not have a drop down list that has what you indicated.

...the instructions were for Windows XP (and possibly 2000).

Use the disk cleanup utility.

Your best bet is to get Firefox and just use IE for places like your bank or that site you spoke of. But I'll bet if you used Firefox and went to that site you could view it without active X in Firefox. If I had the name I could prove it!

But for some, and you may be one, making a change to Firefox requires more time than you have or you may even , just not want to.

So here is the first step before you use restore your system to where it was before you installed this active X tool.

1. If you have Windows with SP2, you have two ways to disable the Active X control. (Now remember you may not have to even do this, if this was a legitimate site). In your "Control Panel" you have an icon labeled "Internet Options"! This is also accessable through the "Tools" tab in Internet Explorer Browser! This would be the best as you can still be reading this while you have it open for instructions.

2. Click on "Internet Options"! A small panel will come up that has tabs on it with the Labels -General- -Security- -Privacy- -Content- -Connections- -Programs- -Advanced-

3. Click on the tab -Programs- and near the bottom you'll see a button labeled -=Manage Add-ons=- Click on it, and this will bring up the -=Add-ons=- panel with a list of the Active X, Browser Helpers, and Java Controls installed.

4. Find the Active X control associated with the site you visited listed in the Publisher Colummn. Click on the name associated with the control you want to disable (this will hi-lite it).

5. Now in the bottom left corner you should see a "Dot" next to -Enable-! Just click the "Dot" in -Disable- and your done!

Be sure you do a malware search with a tool like "Ad-Aware" to clean your computer. You can download it here:

http://www.lavasoftusa.com/software/adaware/

Restore is a last resort. And in this case you should be ok! Any problems simply repost and I'll see if I can help!

We live with millions of pigeons in our town, why shouldnt we support ActiveX controls in our computer systems?
The advantages are so huge that we can verget some little incovenients.
I confidently allow all ActiveX controls by clicking on OK. I choose the short way because I havent so much time.

Thanks for such a rely understandable explantion I wish there more people like you around. Chis from Norway.

Thanks for all your input everyone. Much appreciated.

Jon