ActiveX. What is ActiveX leak and how to prevent
What is ActiveX?
ActiveX is a special Microsoft-developed technology used in Internet Explorer to improve interactivity of websites. ActiveX helps integrate small programs (ActiveX control elements) into websites, including Windows Media Player, Quicktime and others; this enables execution of web page-embedded files.
What is ActiveX Leak?
This is an information leakage through ActiveX, since its control elements directly interact with the operating system. Running ActiveX reveals your real IP, and your device or Internet connection details. What’s more, it is possible to execute any malicious code on your device.
By default, the browser asks for permission to install ActiveX elements, but it is recommended to manually check the security settings.
How to check security settings for ActiveX in Internet Explorer:
1. Click on the Settings icon displayed in the upper left corner and select “Internet Options”.
2. In the “Security” tab, click on “Custom Level”.
3. Find “ActiveX controls and plug-ins” and set these options:
Allow ActiveX filtering - Enable
Allow previously unused ActiveX controls to run without Prompt - Disable
Allow scriptlets - Disable
Automatic prompting for ActiveX controls - Disable
Display video and animation on a webpage that does not use external media player - Disable
Download signed ActiveX controls - Prompt (recommended)
Download unsigned ActiveX controls - Disable (recommended)
Initialize and script ActiveX controls not marked as safe for scripting - Disable (recommended)
Only allow approved domains to use ActiveX without prompt - Disable
Run ActiveX controls and plug-ins - Prompt
Run antimalware software on ActiveX controls - Enable
Script ActiveX controls marked safe for scripting - Prompt
4. Restart your browser.