The available options depend on Group Policy settings for per-user Active X installations and whether or not the control has been packaged to allow per-user installation.
While this feature offers the possibility of lowering total cost of ownership, IT Administrators running managed environments may elect to disable this feature via Group Policy.
If a user happens to install a malicious Active X control, the overall system will be unaffected, as the control was installed only under the user’s account.
Since installations can be restricted to a user profile, the risk and cost of compromise (and, in turn, the total cost of administering users on a machine) will be lowered significantly.
By default, Active X Opt-In disables most controls on a user's machine.
When the user encounters a Web page with a disabled Active X control, they will see an Information bar with the following text: "This website wants to run the following add-on "ABC Control" from "XYZ Publisher".
Users can use the Information bar to allow the control for a specific Web site or allow the control for all Web sites.Per-Site Active X When a user navigates to a Web site containing an Active X control, IE8 performs a number of checks, including a determination of where a control is permitted to run.This check is referred to as Per-Site Active X, a defense mechanism to help prevent malicious repurposing of controls.The first and simplest is to simply reinstall the browser.This is by far the fastest way to solve the problem, particularly if you are using Internet Explorer.IT Professionals administering a system of computers running Internet Explorer 8 may choose to preset allowed controls and their associated domains.