For better security, keep an eye on ActiveX
Comment on this story
You probably have encountered ActiveX controls on the Internet. Web pages that play music probably use them. ActiveX controls also can open Windows Media movies or Microsoft Word documents inside a browser window.
Microsoft developed ActiveX to provide an interactive Web experience, but these controls pose a serious security threat that outweighs their benefits. So it's important to take steps to protect your computer and data from these threats.
These small programs can do virtually anything on your computer. Thousands of ActiveX controls are available. And when Microsoft's Internet Explorer browser downloads them from a Web site and runs them, they have access to your computer.
Other technologies, such as Java, also can run code within a browser. But by design, Java programs have little access to Windows.
Problems with ActiveX have been a big contributor to the poor safety reputation of Internet Explorer. Firefox ( www.mozilla.org), a free alternative Web browser, has captured a significant share of the browser market. It does not accept ActiveX controls, giving it a reputation for safety.
Unfortunately, you'd find life without ActiveX inconvenient. Windows Update, for instance, requires ActiveX. You can't use Firefox to update Windows. You have to switch to Internet Explorer. That is occasionally true of other Web sites, too.
But if you switch to Firefox for safety reasons, you can install a plug-in, IEView, that allows you to switch to Internet Explorer when necessary. This might happen when a page is optimized for Internet Explorer, and doesn't work properly in Firefox. That could be because of ActiveX, or it might be another feature.
To find IEView, click Tools, Extensions. Click Get More Extensions.
To use IEView, right-click the page you want to open in Internet Explorer. Select View This Page in IE.
ActiveX Controls should be set to a safe level in Internet Explorer. You can do that by using the factory settings. Click Tools, Internet Options. Select the Security tab. Be sure the Internet zone is selected. Click Default Level.
If you want to continue using Internet Explorer, you can turn ActiveX off altogether. To do that, click Tools, Internet Options. Again, be sure the Internet zone is selected. Click Custom Level. You'll find seven settings for ActiveX. Disable them all. You could set them back to Default Level when you need them.
Firefox has had security concerns, but it has one big security advantage: It is not part of Windows. Internet Explorer is an integral part of Windows, making you more vulnerable. So only use Internet Explorer on sites where you have a reasonable expectation of safety.
ActiveX is typical of older Microsoft products. Internet Explorer, and its ActiveX components, was built to maximize convenience and pleasure in surfing the Web. Less thought was given to security. Internet Explorer 7, which is under development, should certainly be safer.
In the meantime, we all have to use common sense with today's Internet Explorer. When you use it, stay away from questionable sites, and don't download things you don't understand. Use a firewall and pay attention to its prompts. Keep your anti-virus and anti-spyware software updated. That should keep you out of trouble.
-- Komando hosts a national radio show about computers and the Internet. To find a station near you that broadcasts her show, visit www.komando.com/findkimonair.asp.
Copyright © 2005
The Detroit News.
Use of this site indicates your agreement to the Terms of Service (updated 12/19/2002).