Enabling or Disabling ActiveX Controls

ActiveX controls are programs that do not run as standalone applications. Instead, ActiveX controls reside within a Microsoft Office file or within a browser such as Internet Explorer. ActiveX controls add rich functionality to your applications. For example, you can use an ActiveX control to add scheduling features to an Access database. ActiveX controls have full access to your computer. This makes them very powerful. For example, ActiveX controls can access the local file system and can change Registry settings of your operating system. This makes them potentially very dangerous. A hacker can use an ActiveX control to render Windows unusable!

You can take two steps to help ensure that ActiveX controls do not cause harm to your computer. First, as the developer, you can design ActiveX controls with security in mind. Second, you can use the Trust Center to check for two settings before the ActiveX control is loaded. It is important that the kill bit on the control is set in the Registry. This prevents controls that have a known exploit from being loaded. If the kill bit is set, Access will not load the control under any circumstances. Another important step is to ensure that the control is marked Safe for Initialization (SFI). The developer marks the control as SFI to verify the safety of the control. If the control is determined to be Unsafe for Initialization (UFI), the Trust Center applies additional restrictions on the control. If a database contains VBA code (or macros) and ActiveX controls, the Trust Center applies even further restrictions.

If you load a database containing an ActiveX control, you will receive a Security Warning in the message bar. You must click Options and then select Enable This Content before the ActiveX control becomes usable. The exception to this scenario is if the database is either signed or placed in a trusted location. If the kill bit is set, the ActiveX control will not be enabled in either of those situations.

You can use the Trust Center to change ActiveX security settings for all your databases. Here’s the process:

1. Click the Microsoft Office button and select Access Options. The Access Options dialog box appears.
2. Click Trust Center on the left side of the dialog box.
3. Click the Trust Center Settings command button. The Trust Center dialog box appears.
4. Click ActiveX Settings. Here, you can disable all ActiveX controls without notification, you can ask to be prompted before enabling Unsafe for UFI controls with additional restrictions and SFI controls with minimal restrictions, you can ask to be prompted before enabling all controls with minimal restrictions, or you can enable all controls without restrictions and without prompting. I do not recommend the final option because it opens you up for significant damage to your computer.