Outlook 2003 and Active-X security

Hello all,

I was wandering if there is a change in ActiveX security policy in MS OL
2003

i have this MailItem form i designed, it is saved as an oft file, that form
contains an ActiveX control i have written ,i create that form through my
com addin using OOM api CreateItemFromTemplate, this worked well in all
Outlook versions, but now im testing it on the new OL2003 beta, once i
create my form i get this msgbox saying "In order to prevent malicious code
from running .....",outlook loads the form but simply removes my activeX
control..

i read about the security changes added to this version, but i did not find
any reference to changes in ActiveX security policy,

has anyone encountered this issue?

is there a way to configure and "lower" these security settings, or a way to
work around this?

MS once released this small application which configures security settings
at the admin level (there are options to set trusted comaddins,trusted
attachments, trusted MAPI api calls), that app also contains an activeX
control --> when i load it i get the same error msg i get

Can someone from MS clarify this?

Thanks in advance

Daniel.

Information from the Outlook team about this:

ActiveX Controls will not Load in One-off Forms

When Outlook receives a message containing a form definition, the item
is
considered to be a one-off form. To help prevent unwanted script and
controls from running in one-off forms, Outlook will not load ActiveX
controls in one-off forms by default. This behavior can be controlled
by
administrators using one of the following registry settings.

HKCU\Software\Policies\Microsoft\Office\11.0\Outlook\Security

HKCU\Software\Microsoft\Office\11.0\Outlook\Security

AllowActiveXOneOffForms (DWORD)

not present - Only load controls that are listed below. (default)
0 - Only load controls that are listed below.
1 - Allow only safe controls.
2 - Allow all ActiveX controls.

The following controls can be used in one-off forms:

a.. Controls from fm20.dll
b.. Microsoft Office Outlook Rich Format Control
c.. Microsoft Office Outlook Recipient Control
d.. Microsoft Office Outlook View Control


--
Ken Slovak
[MVP - Outlook]
http://www.slovaktech.com
Lead Author, Professional Outlook 2000 Programming, Wrox Press
Lead Author, Beginning VB 6 Application Development, Wrox Press
Attachment Options
http://www.slovaktech.com/attachmentoptions.htm
Extended Reminders
http://www.slovaktech.com/extendedreminders.htm


"shrem" <shremd@zahav.net.il> wrote in message
news:ek18G86SDHA.2148@TK2MSFTNGP11.phx.gbl...
> Hello all,
>
> I was wandering if there is a change in ActiveX security policy in
MS OL
> 2003
>
> i have this MailItem form i designed, it is saved as an oft file,
that form
> contains an ActiveX control i have written ,i create that form
through my
> com addin using OOM api CreateItemFromTemplate, this worked well in
all
> Outlook versions, but now im testing it on the new OL2003 beta, once
i
> create my form i get this msgbox saying "In order to prevent
malicious code
> from running .....",outlook loads the form but simply removes my
activeX
> control..
>
> i read about the security changes added to this version, but i did
not find
> any reference to changes in ActiveX security policy,
>
> has anyone encountered this issue?
>
> is there a way to configure and "lower" these security settings, or
a way to
> work around this?
>
> MS once released this small application which configures security
settings
> at the admin level (there are options to set trusted
comaddins,trusted
> attachments, trusted MAPI api calls), that app also contains an
activeX
> control --> when i load it i get the same error msg i get
>
> Can someone from MS clarify this?
>
> Thanks in advance
>
> Daniel.
>
>
>