Installed ActiveX apps run in internetzone

[Scott]

I have McAfee Security Center installed. It uses a bunch
of activex controls to run.
In IE, my security is set such that in the Internet zone,
ActiveX controls do not run. I wont change this.

How do I get IE to recognize that the applications
already installed on my computer are NOT in the Internet,
but rather should be in either trusted or local intranet
zones? How do I configure either of these so that a path
to a local control (ie C:\Program Files\blah\blah) should
be considered local intranet?
TIA

 

[Charlie Tame]

The Zone Editor from here might help you to experiment...
http://semper.fi.tripod.com

I seriously doubt that McAfee will have bothered that lowering your security
is necessary to use their product but then I wouldn't pay 2c for it anyway
since these things are generally smoke and mirrors with a side serving of
"False sense of security" thrown in.

By the way I have never had a problem with "Signed" Activex, but many with
"Unsigned". Are the McAfee ones signed? Let me answer with a guess... no,
because they won't pay MS to check them out.

I would keep your settings and dump the other junk - of course that's just a
personal opinion. See what others have to say. Oh, you might want to mention
what version of Windows you use.

Charlie

 

[Scott]

Good point. This is on WinXP.
McAfee stuff was a 6mo bundle, so its not costing me
anything yet. I'm not impressed so far. I havent gotten
them to even realize the issue - no I'm not surprised at
your comments.

I will not lower my settings, at least not as admin. Also
means I cant update the McAfee signatures, as the control
center wont run with ActiveX controls turned off. I cant
remember if they are signed or not (they may actually be
signed). As an admin, I dont want to run anything - as a
user I've got signed ActiveX controls set to prompt.

Actually my issue is just as much a Microsoft Internet
Explorer issue as it is a McAfee one. IE seems to think
that controls on the computer are actually on the
internet. Makes the different zones pointless.

I'll have a look at the website you posted. Thanks much.
-scott

 

[Charlie Tame]

Well adding website URLs to the trusted zone will overcome this problem to
some extent maybe, it's a good feature but little used (understood?) by
many.

Always have the windows update site there, I guess in that regard McAfee
should be alright there too for updates, but I can;t think of an obvious way
to deal with local stuff.

Do have a look at that utility in case you can figure something out, in fact
if you can I bet the author would be pleased to hear your solution, he's a
security minded guy too I think.

I'd still wait for other comments here, I don't have any AV product except
AVG which doesn't pretend to do "Security" stuff and frankly I hope it never
does. Many of the big boys seem to want to be all things to all people and
that seems to me a double edged sword.

No expert on ActiveX except with Comet (?!>?!) Cursor, Gator and the like
and now we have to watch for the MS Java machine too.

http://www.merijn.org/cwschronicles.html#byteverify

Here's another link you might find interesting. Have used Eric's enough is
enough utility (W2000) and it also works reliably but of course still
doesn't directly provide an answer to your question.


http://www.staff.uiuc.edu/~ehowes/resource6.htm

Charlie