PDA

View Full Version : Active X



Smithie 38
30-11-2003, 05:34 PM
Hi folks.
I have just visited a web site and when clicking on an item to see within that site I get a message -
" An Active X control on this page is not safe. Your current security settings prohibit running unsafe controls on this page. As a result this page may not display as intended"
This is the first time I have encountered this message and wondered if someone could tell me what it actually means. What is an Active X control?
Thanks Smithie

Susan B
30-11-2003, 06:33 PM
Hi Smithie, I typed "activex" into Google and came up with a good page of definitions here (http://www.google.com/search?q=define:ActiveX).

Basically it is a program similar to Java that enables interactive content on Web sites, etc. Unfortunately it is possible for unscrupulous programmers to utilise ActiveX to run malicious code when you view a webpage or emails. It is good practice to ensure that all your ActiveX settings in Internet Explorer's options are set to Prompt so that you can decide whether to alllow it depending on whether you deem it to be safe.

Have a look at my Spyware FAQ (link to FAQs top right of this page) for tips on preventing getting infected with spyware.

Note that alternative browsers to Internet Explorer such as Opera, Firebird and Mozilla do not utilise ActiveX and thus are much more safe from nasties. :-)

Murray P
30-11-2003, 06:44 PM
An activex control is an applet that lets programs interoperate/use and share information. if you look at IE Tools > Options > General > Settings > View Objects, in the folder that is opened, you should have at least one or two of them. If you use windows update there should be one for that which AFAIK sets the rules for how your IE and your OS operate when whith windows update. MS have certificates to authenticate their activex controls but, just because windows doesn't like it, it doesn't necessarily mean it is harmfull it means its not one of MS's certified ones. I would be cautious though because they have such an intimate relationship with your OS if you get a buggy one or its maliceous then you can be in serious doodoo. Spyware/adaware often pop an activex into the folder mentioned above (C:\WINNT\Downloaded Program Files, in my case) to control whatever it is its associated with or more particularly controling something on your comp it shouldn't be. You can check them out by right clicking > Properties then looking through the tabed box to check who it belongs to. MS or Java are ok, Casino dialer is not for eg.

You can turn off the warning in IE > Options > Security > Custom level and disable downloading unsigned activex controls or enable it without a prompt (caution on the last one)

HTH Murray P

Jim B
30-11-2003, 07:21 PM
On the subject of alternative web browsers this article on PC World daily news might encourage people to change from IE as this is could be a very serious situation for IE users over the next few weeks if MS do not supply a patch.

New Explorer hole very critical

Kieren McCarthy, LONDON


An "extremely critical" hole in Internet Explorer may ruin Christmas for Microsoft and thousands of its customers.

The exploit can give system access to an intruder and allow them to install any code onto a host computer if that person simply visits a website with malicious coding on it. It bypasses security and could easily result in the release of sensitive information.

Microsoft has not been informed of the exploit and the details are now in the public domain, making the situation all the more risky. Security company Secunia.com found the exploit posted on a public mailing list by Chinese researcher Liu Die Yu Tuesday and has given it a rating of 4 out of 5.

Secunia CTO Thomas Kristensen warns that due to Microsoft's new policy of monthly security updates and patches, it may not be until January until the exploit is dealt with.

"Microsoft tends to take its time to resolve an issue to release a solid patch. At the moment they will be working on patches for December so there may be nothing until January unfortunately for users," he said.

A Microsoft spokeswoman says, however, that if the company felt the exploit was critical, it would make an exception to the normal monthly patches. There is no word yet how seriously the company is taking the issue.

Meanwhile, Kristensen warns that one of the holes is very similar to one that was exploited by the extremely damaging Nimbda virus. According to Secunia's advisory:

A redirection feature can bypass Explorer security that stops files on a foreign website from being run

That hole means a malicious file can be downloaded and run on a user's system

A cross-site script hole could allow the same file to be run within a user's protected "My Computer" area, yielding sensitive information

A previously fixed vulnerability can still be exploited so limited control over the computer can be achieved

A user's cache can be assessed with an invalid header field

Susan B
30-11-2003, 07:36 PM
> You can turn off the warning in IE > Options > Security > Custom level and disable downloading unsigned activex controls or enable it without a prompt (caution on the last one)

I would not recommend enabling any ActiveX settings without a prompt, it is too dodgy. It would not do any harm to disable them as long as you remember to re-enable for sites such as Windows Update and some bank sites. I find this a hassle though and prefer to just set them to Prompt.

Note that in my previous post I said to set them all to prompt. I should have said set the signed and safe ones to prompt and the unsigned/unsafe ones to Disable. Sorry about that. :8}

Smithie 38
30-11-2003, 08:27 PM
Hi, and thanks for the replies.

To Susan B, I was just sending a reply asking for further clarification when I noticed your second response which answered a couple of the points I was about to raise. However two of my settings are as follows -

Run Active X controls and plug ins - Set to "enable"
Script Active X controls marked safe for scripting - Set to "enable"

I know you said these should be set at prompt, but was scared to do so in the fear that , if requested, I could not decide whether to allow any of them depending on whether I deemed them to be safe. Am I worrying over nothing?? or can I safely set these to "prompt"

To Murray P thanks, and yes you have been a big help.

Jim B I have read your response with interest.

Smithie

Smithie 38
30-11-2003, 08:36 PM
I meant to say to you Susan B that your thread on Spyware was brilliant. I had Spybot and Spybasher installed and following on from your thread I downloaded Spyguard, so I am fully covered in that respect. :)

Oxie
30-11-2003, 08:37 PM
Hi Smithie 38

I use Netscape 98% of the time. Because I use IE the other 2% of the time I have followed the advice in this excellent URL http://hacker-eliminator.com/safebrowsing.html

It gives step-by-step instructions on how to configure IE to make it as safe as possible (assuming you are also fully patched). In other words disable all of ActiveX controls, and adjust the ActiveX controls in Trusted sites (like Microsoft, your Bank, etc) as suggested.

Oxie (Lyn)

Susan B
30-11-2003, 09:24 PM
> I know you said these should be set at prompt, but was scared to do so in the fear that , if requested, I could not decide whether to allow any of them depending on whether I deemed them to be safe. Am I worrying over nothing?? or can I safely set these to "prompt"

Set them to Prompt. Most of the time you can refuse requests unless it is for Windows Updates, your bank and the like, or maybe to view a .pdf file. I am sure you will be able to judge for yourself what sites to allow ActiveX scripts to run. Most will be OK and if not there is always Spybot and Ad-aware to clean up the mess afterwards. (just kidding :p :D)

Thank you for your kind words regarding the FAQ, I'm glad it is of some help. :-)

tweak\'e
30-11-2003, 09:28 PM
just to ad........

disabling activeX can save time and download speed/usuage due to you not downloading spyware etc. even tho IE asks before it installs it still downloads them. only way i know of to stop them actually downloading is to disable activeX.

Smithie 38
30-11-2003, 10:54 PM
Hi everyone.
Thanks for the replies. I now understand more about Active X and your helpful suggestions have been great.
Lyn, I will have a good look at that web site tomorrow when I am not so tired.
Smithie

Murray P
01-12-2003, 09:43 AM
Quite right Susan. The "caution" I posted, should have been a warning not advisable, don't unless you're looking for trouble. My own IE setting are disabled for unsigned and prompt for signed although my use of IE is restricted to windows update downloads if I can't find the file to download manually with Firebird. Java controlls, BTW, which do a similar thing for Mozilla, etc, don't have the same intimate relationship as ActiveX does with windows and are generally less dangerous.

Cheers Murray P