i was also thinking about other activex controls that is on the computers, for example a script on a website that does something with an vulnerable activex control that is on the computer. we can not disable all activex controls on the computer with the internet explorer add-on manager.