If you've allowed ActiveX in the Internet Zone, you shouldn't. You'll allow unsigned controls to execute (if they didn't sign it, you have to wonder why they didn't), and ActiveX controls can do whatever they like once they start--there's no security-based sandbox like with Java and JavaScript. That means you could end up with a dead system in the time it takes the page to load.
Unless you have a very specific reason (company intranet, for example) for enabling ActiveX controls, just say "no."
The security settings are in the registry, if you really want to mess with them.
See HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
and set Current Level in Zones 0, 1, and 3 to 0. It's best to do this with IE closed; otherwise, you'll have to restart IE for the settings to become active.
But it's not a good idea to do this if you use the browser to surf the broad Internet, because you'll end up with spyware, adware, and other assorted malware bloating (if not eating) your PC in no time.
