1. Understanding add-ons
Internet Explorer supports add-ons that provide a wide array of services. For example:
-
You can run an add-on that provides audio and video support for a unique protocol.
-
Businesses can use ActiveX-based add-ons to extend the capability of their web applications.
-
Users might unwittingly run an ActiveX add-on that installs malware on their PC.
Add-ons can be useful, but they can also create challenges.
In Internet Explorer 10, your ability to use add-ons depends on which
variation of Internet Explorer 10 you’re using. One of the critical
differences between the two variations of Internet Explorer 10 in
Windows 8 is in how each supports add-ons. Add-ons have two important
drawbacks:
Therefore, the use of add-ons is not supported in the
touch-optimized variation of Internet Explorer 10, although the desktop
variation continues to provide full support. Because the
touch-optimized UI in Internet Explorer 10 doesn’t support add-ons, you
might have a very different browsing experience as you move between the
two variations of the product, and you might not be able to do
everything in the touch-optimized UI to which you’ve become accustomed
in the desktop UI.
2. Managing ActiveX controls
For those using the traditional Internet Explorer 10 for the
desktop, ActiveX controls remain the most common type of add-on that
users will experience. In modern versions of Internet Explorer, the
user is protected from malicious ActiveX controls through a combination
of administrator-defined parameters and warnings that appear when
ActiveX content is about to be executed.
Controlling ActiveX opt-in
The most common interaction that you will have with ActiveX occurs
when someone browses to a site on the Internet that requires an ActiveX
add-on to be installed to enable some kind of functionality on the
page. When this happens, an Active-X installation request like the one
shown in Figure 1 appears at the bottom of the browsing window.
These kinds of ActiveX controls are not installed automatically.
Instead, a user must deliberately click the Install button to proceed
with the installation of the identified tool. When the user clicks
Install, the Windows 8 User Account Control feature intercepts the
installation request and requests permission for the installation to
proceed. If the user allows the installation, the installation
proceeds, and the ActiveX control is allowed to operate.
In the preceding example, the user was browsing to a site on the
Internet, which is why she had to go through the multistep approval
process to install the ActiveX control. The outcome is different if the
user is browsing to a local site on the intranet or to a site on the
Trusted Sites list. If browsing to a site that exists in one of those
zones, the user is not prompted for the installation of the ActiveX
control because controls in those zones are assumed to be trusted.
You can modify the behavior of Internet Explorer so that it requires permission before executing ActiveX controls. To change the configuration of a zone, complete the following steps:
-
Open Internet Explorer from the desktop.
-
In Tools, choose Internet Options and select the Security tab.
-
Choose the zone you’d like to modify and click the Custom Level button near the bottom of the window.
-
In the Security Settings window—which is like the windows shown in Figures Figure 2 and Figure 3—scroll down until you locate the ActiveX Controls And Plug-Ins section.
-
Under Allow Previous Unused ActiveX Controls To Run Without Prompting, decide how you want to handle these items:
-
Click OK until you’re back at the browsing window.
