See how to work with ActiveX controls in your files, changing their settings, and how to enable or disable them by using the Message Bar and the Trust Center. You can also learn more about ActiveX controls and how they improve your files.
IT Pros can learn more about planning ActiveX settings in the Plan security settings for ActiveX controls for Office 2010 TechNet article.
In this article
Enable ActiveX controls when the Message Bar appears
When you open a file that has ActiveX controls, the yellow Message Bar appears with a shield icon and the Enable Content button. If you know the controls are from a reliable source, use the following instructions:
-
On the Message Bar, click Enable Content.trusted document.
The file opens and is a
The following image is an example of the Message Bar when ActiveX controls are in the file.
Enable ActiveX controls in the Backstage view
Another method to enable ActiveX controls in a file is via the Microsoft Office Backstage view, the view that appears after you click the File tab, when the yellow Message Bar appears.
-
Click the File tab.
-
In the Security Warning area, click Enable Content.
-
Under Enable All Content, click Always enable this document's active content.trusted document.
The file becomes a
The following image is an example of Always enable this document's active content and Advanced Options.
The following image is a larger example of the Enable Content options.
Note: The one exception is an ActiveX control with the kill-bit set. In this state, the ActiveX control does not run. A kill bit is security feature that instructs an ActiveX control to never use a piece of ActiveX software, for instance by closing a security vulnerability, by or preventing code from running.
Enable ActiveX controls for one time when the Security Warning appears
Use the following instructions to enable controls for the duration of time that the file is open. When you close the file, and then reopen it, the warning appears again.
-
Click the File tab.
-
In the Security Warning area, click Enable Content.
-
Select Advanced Options.
-
In the Microsoft Office Security Options dialog box, select Enable content for this session for each ActiveX control.
The following image is an example of the Security Warning area when ActiveX controls can be enabled for the duration of time that the file is open.
Notes:
-
If the file contains a Visual Basic for Applications (VBA) project, for example, and a macro-enabled Microsoft Excel file, the Trust Center is more restrictive, because the file may contain macros.
-
Enable ActiveX controls and other active content only if you know that they are from a reliable source.
Change ActiveX-control settings in Word, Access, Excel, PowerPoint, Publisher, and Visio
Use the following instructions to enable or disable ActiveX controls in the Trust Center.
-
Click File > Options.
-
Click Trust Center > Trust Center Settings > ActiveX Settings.
-
Click the options you want, and then click OK.
The following is an example of the ActiveX Settings area of the Trust Center.
Important: If you change an ActiveX setting in Word, Access, Excel, PowerPoint, Publisher, or Visio, the settings are changed in all those programs.
ActiveX-control settings explained
The following explanations apply to ActiveX controls in files that are not in a trusted location or trusted documents.
Important: If you trust a file and do not want to receive security warnings about content containing ActiveX controls, or other active content, put the file in a trusted location.
-
Disable all controls without notification All the ActiveX controls in documents are disabled.
-
Prompt me before enabling Unsafe for Initialization (UFI) controls with additional restrictions and Safe for Initialization (SFI) controls with minimal restrictions There are two behaviors based on the presence of VBA projects:
-
With a VBA project All ActiveX controls are disabled and the Message Bar appears. Click Enable Content to enable the controls.
-
Without a VBA project SFI ActiveX controls are enabled with minimal restrictions and the Message Bar does not appear. However, ActiveX controls must all be marked as SFI to not to generate the Message Bar. UFI ActiveX controls are disabled. However, when a user enables the UFI controls they are initialized with additional restrictions (e.g. default values). Any persisted data that is part of the UFI control will be lost.
-
-
Prompt me before enabling all controls with minimal restrictions This is the default. There are two behaviors based on the presence of VBA projects:
-
With a VBA project All ActiveX controls are disabled and the Message Bar appears. Click Enable Content to enable the controls.
-
-
Without a VBA project SFI ActiveX controls are enabled with minimal restrictions and the Message Bar doesn’t appear. However, ActiveX controls must all be marked as SFI to not to generate the Message Bar. UFI ActiveX controls are disabled. However, when a user enables the UFI controls they are initialized with minimal restrictions (e.g. persisted values or default values if persisted values don’t exist).
-
Enable all controls without restrictions and without prompting (not recommended) Enable all ActiveX controls in documents with minimal restrictions.
-
Safe mode Enable SFI ActiveX controls in safe mode, which means a developer has marked the control as safe.
What is an ActiveX control and what are the risks?
ActiveX controls are small building blocks that create applications that work over the Internet through Web browsers. Examples include customized applications for collecting data, viewing certain kinds of files, and displaying animation. Common uses of ActiveX controls are command buttons, list boxes, and dialog boxes. Office programs also let you use ActiveX controls to improve some documents.
Risk and potential damage
ActiveX controls can have unrestricted access to your computer and therefore can access your local file system and change your operating system registry settings. If a hacker uses an ActiveX control to take over your computer, the damage can be significant.