The private and public sectors depend heavily upon information technology (IT) systems to perform essential, mission-critical functions. As existing technology evolves and new technologies are introduced to provide improved capabilities and advanced features in systems, new technology-related vulnerabilities often arise. Organizations implementing and using advanced technologies must be increasingly on guard. One such category of technologies is active content. Broadly speaking, active content refers to electronic documents that can carry out or trigger actions automatically without an individual directly or knowingly invoking the actions. Exploits based on vulnerabilities in active content technologies can be insidious. The following key guidelines are recommended to organizations for dealing with active content.