Disabling ActiveX and Java in Internet Explorer


Recently, a large number of security holes in ActiveX controls have been found. These controls ship with Windows 95, Windows 98, and Internet Explorer. Because Microsoft has not released patches yet for all of these controls, the only way to be safe is to turn off ActiveX support in Internet Explorer. This page provides instructions for doing this in Internet Explorer 4 and Internet Explorer 5.

The instructions also provide information about how to turn off Java support at the same time.

To see what dangerous ActiveX controls are installed on your own system, Click Here.

How to turn off ActiveX and Java in Internet Explorer 4.

  1. Under the Windows Start menu, select the Settings | Control Panel command.
  2. Double-click on the Internet icon in the Control Panel window.
  3. Select the Security tab in the Internet Properties dialog box.
  4. Make sure that the Internet zone is selected.
  5. Push the Reset button to make sure that the Internet zone is at the Medium level.
  6. Select the Custom level option for the Internet zone.
  7. Push the Settings button for the Custom level.
  8. For the setting "Script ActiveX controls marked safe for scripting" in the Security Settings Dialog box and check the Disable option. Note, by changing only this setting, ActiveX controls are effectively disabled and no annoying warning messages are displayed if a page attempts to use an ActiveX control.
  9. To also disable Java, scroll down to the setting labelled "Java Permissions" and check the Disable option. If you do not wish disable, Java you should instead get the Microsoft JVM update. This update fixes a very serious hole in the Java Virtual Machines used by IE4. Click here to get the Microsoft update.
  10. Click the Ok button in the Security Settings Dialog box.
  11. Click the Ok button in the Internet properties dialog box.
  12. To test to make sure that ActiveX controls have been properly disabled, Click Here. All ActiveX controls should now display as "Not Found".


How to turn off ActiveX and Java in Internet Explorer 5.

  1. Under the Windows Start menu, select the Settings | Control Panel command.
  2. Double-click on the Internet Options icon in the Control Panel window.
  3. Select the Security tab in the Internet Properties dialog box.
  4. Make sure that the Internet zone is selected.
  5. Click on the Default Level to make sure that the Internet zone is at the Medium level.
  6. Push the Custom Level... button.
  7. Scroll down to the setting labelled "Script ActiveX controls marked safe for scripting" in the Security Settings Dialog box and check the Disable option. Note, by changing only this setting, ActiveX controls are effectively disabled and no annoying warning messages are displayed if a page attempts to use an ActiveX control.
  8. To also disable Java, scroll down to the setting labelled "Java Permissions" and check the Disable option. If you do not wish disable, Java you should instead get the Microsoft JVM update. This update fixes a very serious hole in the Java Virtual Machines used by IE4. Click here to get the Microsoft update.
  9. Click the Ok button in the Security Settings Dialog box.
  10. Click the Ok button in the Internet properties dialog box.
  11. To test to make sure that ActiveX controls have been properly disabled, Click Here. All ActiveX controls should now display as "Not Found".

Comments? Questions? Richard M. Smith