Microsoft will release a security update for Internet Explorer that will also change how users interact with Web sites.
Microsoft Corp. will release Tuesday a security update for Internet Explorer that will also change how users interact with Web sites.
Some sites that rely on popular ActiveX controls, such as Apple's QuickTime, RealNetworks' RealPlayer, and Adobe's Flash and Acrobat, are likely to give users fits.
The change, which Microsoft has been warning Web site developers about since December 2005, was made to abide by a ruling in a patent infringement lawsuit Microsoft lost in 2003 to the University of California and its startup, Eolas Technologies Inc.
With the changes rolled out in a mandatory security fix, any IE user who downloads and installs Tuesday's security patches -- either manually or via an automated system such as Microsoft Update -- will likely need to modify how they use those sites which haven't been rewritten.
What should users expect?
--- By default, IE will now consider embedded ActiveX content as inactive. Thus on unmodified sites, ActiveX content will not run. In other words, music won't play or a Flash component won't launch.
--- To activate an interactive ActiveX control, move the mouse over the content -- which now will be boxed -- and click on the pop-up tool tip dialog.
--- Alternately, users can press the Tab key until the focus is set on the content's box, then press either the spacebar or Enter key to activate.
--- Each control on each page must be manually activated in this way.
Adobe has posted a short Flash-based demo that shows the activation process. (Ironic note: If you're using IE after the Tuesday update has been applied, you must active the Flash demo manually.)
"We will create a “compatibility patch” (deployed like a hotfix) that allows customers to turn off the change for a limited period of time through the June update cycle (2nd Tuesday in June)," wrote Mike Nash, Microsoft's head of security, in a blog posting last month.
The patch will put off the activation requirements until June 13.
"[This is] to provide time for enterprise customers to resolve compatibility issues," added Nash.
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Cybersecurity Strategies for the Digital EraAt its core, digital business relies on strong security practices. In addition, leveraging security intelligence and integrating security with operations and developer teams can help organizations push the boundaries of innovation.