Corporate developers who are not ready for an upcoming Internet Explorer update are getting a reprieve.
The next security update for Internet Explorer, expected by April 11, is scheduled to include changes to the way ActiveX processes dynamic content. These changes will force developers to make changes to their Web sites and Intranets, but Microsoft said Wednesday that it now plans to also release a second "compatibility patch," that will undo the ActiveX changes.
Without the compatibility patch, programmers must make changes to their server software. Otherwise, Internet Explorer will force users to click on a pop-up "tool tip" dialog box before being able to interact with things like Flash or QuickTime.
The compatibility patch will allow users to avoid the tool tip boxes on sites that have not made the changes, but only for a limited time.
"This patch will function until the June IE security update is released at which time the changes to ActiveX are permanent," said Microsoft's public relations agency in an e-mail statement. That update is scheduled to be released June 13.
Microsoft is making the ActiveX changes in order to comply with a 2003 ruling against the company that found it had violated a patent held by Eolas Technologies Inc. and the University of California. Though Microsoft is appealing this ruling, and challenging the validity of the patent with the U.S. Patent Office, Microsoft still must make the changes or risk being found in contempt of court.
Though Web site operators and corporate developers are facing headaches, these changes will amount to little more than an annoyance for most IE users. They will not actually prevent Flash or QuickTime from running, but simply add the extra step of clicking on the tool tip.
The compatibility patch will be of more use to corporate IT departments than Web site operators, because corporate shops will be in a position to control whether or not their users install the software.
"While most Internet sites have already prepared for the ActiveX changes, some enterprise customers have given feedback that more time is needed to ensure applications are compatible with the ActiveX changes," the Microsoft statement said.
This next security update will be an important one, as it will also fix an unpatched vulnerability in Internet Explorer that hackers have been exploiting for a number of days now. This bug, which relates to the way Internet Explorer processes Web pages using the createTextRange() method, is considered critical because it can be exploited by hackers to run unauthorized software on a victim's machine.
(Elizabeth Montalbano contributed to this story)
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »
Server virtualization is a popular option for dealing with mounting datacenter costs. Another equally promising approach is the use of an Application Delivery Controller. Citrix NetScaler provides a low-cost way for organizations to reduce their server count and accrue cost savings from a reduction in space, cooling, power and personnel.
Download now »
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
Effectively address data protection challenges, implementing solutions that help store and protect business–critical data while cutting costs and improving efficiency and reliability.
Download now »
Sign up to receive Applications Resource Alerts
Recommend This
