Details
By default, third-party ActiveX controls are not allowed to run in one-off forms in Outlook.
You can change this behavior so that Safe Controls (Microsoft Forms 2.0 controls and the
Outlook Recipient and Body controls) are allowed in one-off forms, or so that all ActiveX
controls are allowed to run. The recommended state for this setting is- Enabled-Load only
Outlook Controls.
*Rationale*
If additional types of Active X controls are allowed, particularly un-trusted third-party
controls, the risk of malware infecting the computer increases.
Solution
To implement the recommended configuration state, set the following Group Policy setting
to Enabled.
User ConfigurationAdministrative TemplatesMicrosoft Outlook 2010SecurityAllow
Active X One Off FormsAllow Active X One Off Forms
Then set the Allow Active X One Off Forms option to Load only Outlook Controls.
Impact-This setting enforces the default configuration and therefore should not have any effect on
usability.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.