On a new Windows Vista or Windows 7 computer, the first time you try to use Internet Explorer to open a web page that uses certain third-party ActiveX controls deemed “safe” by Microsoft, you are prompted to choose whether to install the control. If the control is not on the whitelist of safe controls, you are instead asked to verify whether you trust the control’s publisher before you decide whether or not to install the control.
This whitelist is found in the registry at HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved and its operation is documented in this blog post:
Additional information concerning this registry key can be found on MSDN at
Under this registry key you will see a whitelist of CLSIDs, which are globally unique class secure identifiers that uniquely identify each ActiveX control deemed safe by Microsoft.
What if you wanted to edit this whitelist to remove one or more of these ActiveX controls from the list by deleting the control’s CLSID registry subkey? To do so you would first need to know which ActiveX control each CLSID corresponds to, and the following article on eHow shows how you can do this:
Note: Editing the registry-based whitelist of ActiveX controls deemed safe for IE is not recommended or supported by Microsoft.
Mitch Tulloch is a seven-time recipient of the Microsoft Most Valuable Professional (MVP) award and widely recognized expert on Windows administration, deployment and virtualization. For more tips by Mitch you can follow him on Twitter or friend him on Facebook.