March 13th, 2010
About UsFree NewsletterEventsWebinarsTechlearning

Topics Systems Integration Data Management Security Mobile/ Wireless ROI back office District News

Types Feature Articles Trends & Resources Columns CIO Profiles
SEARCH

   

   

IE Changes Due: What You Can Expect


  By Gregg Keizer
Printable Version
Email this Page

Courtesy of InternetWeek

Microsoft Corp. will release Tuesday a security update for Internet Explorer that will also change how users interact with Web sites.

Some sites that rely on popular ActiveX controls, such as Apple's QuickTime, RealNetworks' RealPlayer, and Adobe's Flash and Acrobat, are likely to give users fits.

The change, which Microsoft has been warning Web site developers about since December 2005, was made to abide by a ruling in a patent infringement lawsuit Microsoft lost in 2003 to the University of California and its startup, Eolas Technologies Inc.

With the changes rolled out in a mandatory security fix, any IE user who downloads and installs Tuesday's security patches — either manually or via an automated system such as Microsoft Update — will likely need to modify how they use those sites which haven't been rewritten.

What should users expect?

  • By default, IE will now consider embedded ActiveX content as inactive. Thus on unmodified sites, ActiveX content will not run. In other words, music won't play or a Flash component won't launch.
  • To activate an interactive ActiveX control, move the mouse over the content — which now will be boxed — and click on the pop-up tool tip dialog.
  • Alternately, users can press the Tab key until the focus is set on the content's box, then press either the spacebar or Enter key to activate.
  • Each control on each page must be manually activated in this way.

Adobe has posted a short Flash-based demo that shows the activation process. (Ironic note: If you're using IE after the Tuesday update has been applied, you must active the Flash demo manually.)

Microsoft has acknowledged that not all Web site developers will have modified their pages to account for IE's new behavior — the easiest way for developers to sidestep user activation is to call the ActiveX controls via JavaScript — and so will also release a patch on Tuesday to delay the changes.

"We will create a “compatibility patch” (deployed like a hotfix) that allows customers to turn off the change for a limited period of time through the June update cycle (2nd Tuesday in June)," wrote Mike Nash, Microsoft's head of security, in a blog posting last month.

The patch will put off the activation requirements until June 13.

"[This is] to provide time for enterprise customers to resolve compatibility issues," added Nash.



Advertisement

Chicago-based Video Production
Digital video production for broadcast and corporate communication. Crews, Multi-Camera Production, Producers, Writers and Post Production.

Mitsubishi Audio Visual Equipment
Bring New Levels of Performance to Your Business & Home. Quickly Find the Right Audio Visual Equipment for Your Office or Home Theater.

Get summaries of top stories delivered to your desktop

Ultimate PC protection for multi-user environments
Sponsored by
RDT - Global

Laptop Security for K-12 Education
Sponsored by
Absolute Software

Standardizing to Give All Students Access to Technology
Sponsored by
HP

Engaging Students in Active Learning
Sponsored by
HP

Raising Educational Quality in the Face of Falling Budgets
Sponsored by
eSchoolPLUS

Networked for Learning: Enabling 21st Century Schools
Sponsored by
Education Networks of America

Prepare Today's Students for Tomorrow with Gateway Digital Classroom Program
Sponsored by
Gateway

Teaching and Learning with Tablet PCs
Sponsored by
Gateway

View all White Papers

· Data Quality
· Systems Integration
· Enterprise Architecture
· Security Assessment