Microsoft KB Archive/317599

= ActiveX Inline Data Streaming Functionality Is Disabled After You Install the Q313675 Security Patch =

Article ID: 317599

Article Last Modified on 1/31/2007

-

APPLIES TO


 * Microsoft Internet Explorer 5.5 Service Pack 1
 * Microsoft Internet Explorer 5.5 Service Pack 2
 * Microsoft Internet Explorer 5.5 Service Pack 1
 * Microsoft Internet Explorer 5.5 Service Pack 2
 * Microsoft Internet Explorer 5.5 Service Pack 1
 * Microsoft Internet Explorer 5.5 Service Pack 2
 * Microsoft Internet Explorer 5.5 Service Pack 1
 * Microsoft Internet Explorer 5.5 Service Pack 2
 * Microsoft Internet Explorer 5.5 Service Pack 1
 * Microsoft Internet Explorer 5.5 Service Pack 2
 * Microsoft Internet Explorer 6.0
 * Microsoft Internet Explorer 6.0
 * Microsoft Internet Explorer 6.0
 * Microsoft Internet Explorer 6.0
 * Microsoft Internet Explorer 6.0
 * Microsoft Internet Explorer 6.0

-



This article was previously published under Q317599



IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry



SYMPTOMS
If you apply the MS01-058 update that is described in the following Microsoft Knowledge Base article, the Inline Data Streaming functionality of ActiveX is disabled:

313675 File Vulnerability Patch for Internet Explorer 5.5 and 6.0



CAUSE
This issue may occur because Inline Data Streaming presents a security vulnerability. The MS01-058 update includes the MSRC 944 security fix that disables BASE 64 Inline Data Streaming to ActiveX controls by default. Inline Data Streaming for ActiveX will remain disabled in future security updates.



RESOLUTION
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

To enable Inline Data Streaming after you apply the MS01-058 update:  Start Registry Editor (Regedit.exe). Locate and click the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility

 Click Add Value on the Edit menu, and then add the following registry value:

Value name: EnableInlineData

Data type: REG_DWORD

Radix: Decimal

Value data: 1

 Quit Registry Editor.

To protect your data from being read, disable ActiveX controls for all zones. You must determine if you need to run ActiveX controls in your intranet zone (if you are not sure, disable ActiveX controls). If you explicitly trust Internet or intranet sites, and you want to run ActiveX controls from these sites, add these sites (and these sites only) to the trusted zone.

To disable ActiveX controls in the Internet zone:
 * 1) Click Internet Options on the Tools menu, and then click the Security tab.
 * 2) Click Internet in the Select a Web content zone to specify its security settings section, and then click Custom Level.
 * 3) In the Run ActiveX Scripts and Plugins section, click Disable, and then click OK.

To disable ActiveX controls in the intranet zone:
 * 1) Click Internet Options on the Tools menu, and then click the Security tab.
 * 2) Click Intranet in the Select a Web content zone to specify its security settings section, and then click Custom Level.
 * 3) In the Run ActiveX Scripts and Plugins section, click Disable, and then click OK.

To configure Internet Explorer to allow ActiveX controls to run from trusted Web sites, complete the following procedure.

NOTE: The security settings of the Trusted Sites Web content zone uses the Low security setting by default. This setting allows Web sites in the zone to run ActiveX controls and plug-ins.
 * 1) Click Internet Options on the Tools menu, and then click the Security tab.
 * 2) Click Trusted Sites in the Select a Web content zone to specify its security settings section, and then click Sites.
 * 3) Type the hyperlink address of the Web site that you want to add to the trusted site zone in the Add this Web site to the zone box, and then click Add.

NOTE: If the Require Server Verification (https:) for all sites in this zone check box is selected, you can add only addresses that begin with &quot;https:&quot;. Hypertext Transfer Protocol server (HTTPS) is a communications protocol that is designed to transfer encrypted information between computers over the Web. HTTPS is Hypertext Transfer Protocol (HTTP) that uses Secure Sockets Layer (SSL).
 * 1) Repeat the preceding step until all of the Web sites that you want to add have been added, and then click OK twice.

For additional information about how to work around this issue, click the article numbers below to view the articles in the Microsoft Knowledge Base:

320868 SAMPLE: TreeViewWrapper.exe Provides Another Option to ImageList and Inline Data in Internet Explorer

320940 Sample: Picture Download.exe Enables Population of an ImageList with URLs



MORE INFORMATION
ActiveX programs that use Inline Data Streaming may not function correctly after you install MS01-058. The following code demonstrates how to use the DATA attribute to pass inline data to an ActiveX control: <OBJECT ID=&quot;myCtrl&quot; WIDTH=50 HEIGHT=50 CLASSID=&quot;CLSID:nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn&quot; DATA=&quot;DATA:application/x-oleobject;BASE64,j43aWGqdGxCvwEIQECqNpy FDNBIIAAAA7QMAAO0DAACAfuHmAgAFADEAAAAQ&quot;> </OBJECT>

Additional query words: inline datastream data stream in-line method

Keywords: kbfix kbenv kbprb KB317599

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.