- To automatically download and install ActiveX controls
- Posted by Spin on November 11th, 2005
The ability to automatically download and install ActiveX controls means one
has to set their browser to either "Low Security", or they need to
"Customize" their current security level to allow to download and install
ActiveX controls, or add the site to their IE Trusted Sites list. Do I
understand this correctly?
--
Spin
- Posted by Colin Barnhorst on November 12th, 2005
Yes, but is a security risk to do it that way. In IE7 there won't be any
automatic ActiveX installation permitted for that reason. It is better to
be notified about such installations.
--
Colin Barnhorst [MVP Windows - Virtual Machine]
(Reply to the group only unless otherwise requested)
"Spin" <Spin@spin.com> wrote in message
news:3tkmr6Fsu1e0U1@individual.net...
> The ability to automatically download and install ActiveX controls means
> one has to set their browser to either "Low Security", or they need to
> "Customize" their current security level to allow to download and install
> ActiveX controls, or add the site to their IE Trusted Sites list. Do I
> understand this correctly?
>
> --
> Spin
>
>
- Posted by Spin on November 12th, 2005
ActiveX is a security risk period. I am interested in how people manage
allowing ActiveX in IE their environments.
--
Spin
"Colin Barnhorst" <colinbarharst(remove)@msn.com> wrote in message
news:e5Ifj0y5FHA.1464@tk2msftngp13.phx.gbl...
> Yes, but is a security risk to do it that way. In IE7 there won't be any
> automatic ActiveX installation permitted for that reason. It is better to
> be notified about such installations.
>
> --
> Colin Barnhorst [MVP Windows - Virtual Machine]
> (Reply to the group only unless otherwise requested)
> "Spin" <Spin@spin.com> wrote in message
> news:3tkmr6Fsu1e0U1@individual.net...
>> The ability to automatically download and install ActiveX controls means
>> one has to set their browser to either "Low Security", or they need to
>> "Customize" their current security level to allow to download and install
>> ActiveX controls, or add the site to their IE Trusted Sites list. Do I
>> understand this correctly?
>>
>> --
>> Spin
>>
>>
>
>
- Posted by Frank Saunders, MS-MVP OE on November 12th, 2005
"Spin" <Spin@spin.com> wrote in message
news:3tldneFsoeboU1@individual.net
> ActiveX is a security risk period. I am interested in how people
> manage allowing ActiveX in IE their environments.
I have had no trouble allowing ActiveX. Of course, I'm careful where I go.
--
Frank Saunders, MS-MVP OE
Please respond in Newsgroup. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com/security/protect/
- Posted by Bruce Chambers on November 12th, 2005
Spin wrote:
> ActiveX is a security risk period. I am interested in how people manage
> allowing ActiveX in IE their environments.
>
Set IE to prompt for installation, of course, and don't allow users to
run under elevated privileges, so that even if they click <Yes> nothing
happens without a knowledgeable technician checking the safety of the
control.
--
Bruce Chambers
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
- Posted by Spin on November 12th, 2005
Do you manage allowing it through group policy or do so on a individualized
machine basis?
--
Spin
"Frank Saunders, MS-MVP OE" <franksaunders@mvps.org> wrote in message
news:%23sdAb155FHA.1864@TK2MSFTNGP12.phx.gbl...
> "Spin" <Spin@spin.com> wrote in message
> news:3tldneFsoeboU1@individual.net
>> ActiveX is a security risk period. I am interested in how people
>> manage allowing ActiveX in IE their environments.
>
> I have had no trouble allowing ActiveX. Of course, I'm careful where I go.
>
> --
> Frank Saunders, MS-MVP OE
> Please respond in Newsgroup. Do not send email
> http://www.fjsmjs.com
> Protect your PC
> http://www.microsoft.com/security/protect/
>
>
>
- Posted by Frank Saunders, MS-MVP OE on November 12th, 2005
"Spin" <Spin@spin.com> wrote in message
news:3tmi93Ftmm7eU1@individual.net
> Do you manage allowing it through group policy or do so on a
> individualized machine basis?
>
>
> "Frank Saunders, MS-MVP OE" <franksaunders@mvps.org> wrote in message
> news:%23sdAb155FHA.1864@TK2MSFTNGP12.phx.gbl...
>> "Spin" <Spin@spin.com> wrote in message
>> news:3tldneFsoeboU1@individual.net
>>> ActiveX is a security risk period. I am interested in how people
>>> manage allowing ActiveX in IE their environments.
>>
>> I have had no trouble allowing ActiveX. Of course, I'm careful where
>> I go. --
>> Frank Saunders, MS-MVP OE
>> Please respond in Newsgroup. Do not send email
>> http://www.fjsmjs.com
>> Protect your PC
>> http://www.microsoft.com/security/protect/
Never used Group Policies.
--
Frank Saunders, MS-MVP OE
Please respond in Newsgroup. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com/security/protect/
- Posted by Bruce Chambers on November 12th, 2005
Spin wrote:
> Do you manage allowing it through group policy or do so on a individualized
> machine basis?
>
Allowing is done on an individual basis, provided that access to the
web site is required for the performance of the user's duties.
--
Bruce Chambers
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
- Posted by Spin on November 12th, 2005
Oh that's right, I believe you have to be an administrator of a machine to
allow the installation of an ActiveX control.
--
Spin
"Bruce Chambers" <bchambers@cable0ne.n3t> wrote in message
news:OiWztL65FHA.1464@tk2msftngp13.phx.gbl...
> Spin wrote:
> Set IE to prompt for installation, of course, and don't allow users to run
> under elevated privileges, so that even if they click <Yes> nothing
> happens without a knowledgeable technician checking the safety of the
> control.
