How to Stop an ActiveX Control from Running in Internet Explorer

ID: Q240797

The information in this article applies to:
  • Microsoft Internet Explorer versions 4.01 Service Pack 2, 5 for Windows 98
  • Microsoft Internet Explorer versions 4.0, 4.01, 4.01 Service Pack 1, 4.01 Service Pack 2, 5 for Windows 95
  • Microsoft Internet Explorer versions 4.0, 4.01, 4.01 Service Pack 1, 4.01 Service Pack 2, 5 for Windows NT 4.0
  • Microsoft Windows 98 Second Edition
  • Microsoft Windows 98
IMPORTANT: This article contains information about editing the registry. Before you edit the registry, make sure you understand how to restore it if a problem occurs. For information about how to do this, view the "Restoring the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.

SUMMARY

This article describes how to modify the data value of the Class ID (CLSID) of an ActiveX control to prevent it from running in Internet Explorer.


MORE INFORMATION

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD).

WARNING: Microsoft does not recommend "unkilling" (undoing the kill action on) an ActiveX control. If you do so, you may create security vulnerabilities. The kill bit is normally set for a reason that may be critical, and because of this, extreme care must be used when you unkill an ActiveX control.

You can prevent an ActiveX control from running in Internet Explorer by setting the "Kill Bit" so that the control is never called by Internet Explorer. The "Kill Bit" is a specific value for the Compatibility Flag value in the registry. Note that this is different than revoking the "safe for scripting" option in an ActiveX control. When the "safe for scripting" option is revoked, Internet Explorer still calls for the control and then prompts you with a warning message that the ActiveX control may be unsafe. Depending on the choice you make, the control may be run. However, after the "Kill Bit" is set for an ActiveX control, that control is not called by Internet Explorer at all. To set the "Kill Bit":

  1. Use Registry Editor to view the data value of the Compatibility Flag of the ActiveX object CLSID in the following registry key
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\CLSID of the ActiveX control
    where CLSID of the ActiveX Control is the class ID of the appropriate ActiveX control.

    NOTE: To determine which CLSID corresponds with the ActiveX control that you want to disable, you must first remove all of the ActiveX controls that are currently installed, install the control that you want to disable and then add the "Kill Bit" to its CLSID.


  2. Change the value of the "Compatibility Flag" data value to:

    Compatibility Flag: 00000400


Additional query words:

Keywords : kbenv msiew95 msient win98 msiew98 win98se
Version : WINDOWS:4.0,4.01,4.01 Service Pack 1,4.01 Service Pack 2,5
Platform : WINDOWS
Issue type : kbinfo


Last Reviewed: January 28, 2000
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.