STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Microsoft Internet Explorer 11 Security Technical Implementation Guide

V-223049

CAT II (Medium)

Enabling outdated ActiveX controls for Internet Explorer must be blocked.

Rule ID

SV-223049r960963_rule

STIG

Microsoft Internet Explorer 11 Security Technical Implementation Guide

Version

V2R7

CCIs

CCI-000381

Discussion

This feature keeps ActiveX controls up to date and helps make them safer to use in Internet Explorer. Many ActiveX controls are not automatically updated as new versions are released. It is very important to keep ActiveX controls up to date because malicious or compromised webpages can target security flaws in out-of-date ActiveX controls.

Check Content

In the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Internet Explorer >> Security Features >> Add-on Management, verify "Turn off blocking of outdated ActiveX controls for Internet Explorer" is set to “Disabled”. 

Use the Windows Registry Editor to navigate to the following key: 

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext 

If the value "VersionCheckEnabled" is REG_DWORD = 1, this is not a finding.

Fix Text

In the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Internet Explorer >> Security Features >> Add-on Management, set "Turn off blocking of outdated ActiveX controls for Internet Explorer" to "Disabled".