RealTime IT News

Security, Patent Tweaks For Internet Explorer

Microsoft this week has updated how Internet Explorer 6.0 handles ActiveX controls, bringing it into alignment with IE 7.0 and the Eolas patent-infringement suit.

The update, which affects Windows XP and Windows Server 2003, removes the ability for ActiveX controls to be run automatically. Instead, users of XP SP2 and Windows Server 2003 SP1 must manually turn on the controls.

The beta version of IE 7.0 by default disables ActiveX commands.

The changes were described as "minor" and having "little or no impact on customer experience," according to a Microsoft spokesperson.

"The purpose of the update is to provide IE 6.0 customers with the minor changes to how Internet Explorer handles some Web pages that use ActiveX controls," the spokesperson told internetnews.com in an e-mail statement.

The change comes just months after Microsoft informed developers that changes to the browser were on their way.

At the gathering of Web publishers and advertisers, Michael Wallent, general manager of Microsoft's Windows Client platform, described the alteration as "an almost invisible change," internetnews.com reported at the time.

As previously reported by internetnews.com, Wallent said the change would be included in future versions of IE, but it could take four to six months before reaching the majority of customers.

In 2003, Eolas won a $521 million patent-infringement suit against Microsoft.

Eolas in 1999 sued the software company over the automatic launching of ActiveX controls. After the court victory, Eolas asked the court to bar further distribution of IE.

To counter the possibility of any prohibition of the browser, Microsoft responded it would change how ActiveX controls are enabled.

"Now when an end user goes to a Web site with ActiveX controls, before actually interacting with the control, they must first click once to activate it," Wallent told the group in December.

The IE 6 update follows a two-week old patch to correct IE 5.01. That fix addressed a problem with the Windows Metafile, possibly enabling attackers to take control of the computer.

The update is available through Microsoft's Download Center or Windows Update. More information about the update is available from Microsoft's support Web site.