Please note, Internet Explorer (a.k.a. IE or MSIE) is not Thief Ware, but it does provide a way for all sorts of programs to take advantage of IE's ActiveX controls for the purpose of downloading software automatically. In fact, the Webmaster community would probably be elated if Microsoft stepped up to the plate and used their popular browser to help put a stop to this nonsense. HINT-HINT Microsoft? That would definitely be a positive move for the MS giant.

The comments area below outlines a way to set higher security levels for ActiveX controls.

PROGRAM NAME
Internet Explorer

SUPPLIER
Microsoft

AD TYPES
Currently None. Last year Microsoft tried to release MSIE with Smart Tags. The general Webmaster community did not approve. Microsoft decided to listen to the Webmaster's plea (at least for now).

DISTRIBUTION METHOD
Direct download of Internet Explorer and/or bundled with Microsoft Windows OS.

AFFECTED BROWSERS
Microsoft Internet Explorer, most versions

EASE OF UNINSTALL
Probably not an option for everyone. You can switch to Netscape or Opera because neither browser runs ActiveX programs that can download various software or even malicious viruses automatically if a site owner desired to use it in such a manner. It's possible to download such software without your knowledge assuming you don't have custom settings set for ActiveX controls. The instructions below will help you avoid this problem.

DISABLING METHOD (server-delivered)
Not Applicable

OTHER COMMENTS
For those that want to use MSIE, set ActiveX controls to prompt you.

ActiveX has been exploited by Gator partner sites to save the Gator application to your computer. If you are wondering how Gator got onto your computer without your knowledge, this might be the reason. TopText has been reported to have been installed with the same technique. Other spyware applications may also utilize ActiveX to auto-install their software. This happens when a Web site deliberately uses an ActiveX component to run from its Web server and execute via MSIE. The ActiveX is programmed to download and save the application to your computer. It possible does that without your knowledge unless you change your settings within MSIE.

The reason it happens is that many users have a low security setting for ActiveX controls and do not realize these low security settings allow ActiveX to do various activities on your computer without letting you know before hand. They act on auto-pilot without user prompts. To make IE give you prompt and feedback set the following controls:

Look under main menu item: Tools
Go to: Internet Options
Select: Security tab
Select icon: Internet
For Internet Zone, click button: Custom Level
Click: Settings
~ Security Settings window pops up ~
Under ActiveX Controls and Plug-in change these settings:
• Download signed ActiveX controls Prompt
• Download unsigned ActiveX controls Disable
• Initialize and script ActiveX controls not marked as safe Disable
• Run ActiveX controls and plug-ins Prompt
• Script ActiveX controls marked safe for scripting Prompt

Setting everything to “Disable” for ActiveX controls could be done. However, this will stop Flash from working on your browser and various sites that you visit will stop working if those sites make heavy use of

The difference between “signed” and “unsigned” or “marked safe” and “not marked as safe” when dealing with ActiveX is not known by us and perhaps it makes very little difference.

It should not be necessary to disable everything in the security window nor would you want to do that because so much of the web relies on various functions. But if you don't know what to expect from a site and the site puts up an ActiveX control, you can deny it from running if you can't trust the site.

Unfortunately IE uses ActiveX to launch Flash so you end up getting OK-cancel popup warnings for sites with Flash which is a drawback but if you want that bit of extra protection in IE, you will put up with that. Netscape and Opera do not have the same vulnerability because they do not use ActiveX.

Those settings above will help protect you substantially and alert you to any ActiveX that would normally sneak up on you and install software onto your computers.

Why should you care?
If ActiveX can sneak programs onto your computer, ActiveX could also sneak Viruses onto your computer from Web sites. Changing your security settings for ActiveX should minimize that threat to you.