[HFSlip & NLite ?]

Ah, yes. I should have figured that one out. Firefox users needn't worry about ActiveX anyway.

Are the other scripts just set to disabled by default? I guess I was hoping for some way to limit the power of scripts without shutting them off entirely.

[HFSlip & NLite ?]

i suppose i should disclose that i set a bunch of security measures, too...

i make it simple to close NetBIOS over TCP/IP (look in NETTCPIP.INF)

DCOM will be shut off, preventing possible exploits

TCP/IP will be hardened against some DDOS attacks and malformed packet attacks. (I added settings that NIST recommends)

Port 135 will be closed by default

Scripting exploits and ActiveX exploits simply won't work

i turn off remote registry editing service by default

i turn off windows 'popup' messenger service by default

How do you prevent scripting exploits and ActiveX exploits from working?