News

IE To Block Outdated Silverlight Plug-ins Next Month

Microsoft provided some news today about its Internet Explorer ActiveX blocking feature, including future support for blocking outdated Silverlight plug-ins.

ActiveX blocking is an IE security feature in that took effect on Sept. 9. It's been limited, so far, to acting on outdated Oracle Java ActiveX installations in IE. Users of the IE browser get a warning message that the old Java ActiveX control was blocked. They can then choose to either update the ActiveX control or run the control that was blocked (something that's not recommended by Microsoft). The problem with running outdated ActiveX controls is that they can be subject to malware exploits.

Many organizations may be just starting to get their feet wet with using the ActiveX blocking feature, but Microsoft is gradually expanding its scope. For instance, ActiveX blocking will be expanded to block outdated Silverlight plug-ins, starting on Nov. 11, 2014, Microsoft announced today. Silverlight is a browser plug-in that enables multimedia content on browsers. The ActiveX blocking feature will alert an IE browser user if they are running Silverlight plug-ins older than version 5.1.30514.0.

Microsoft's announcement also noted that ActiveX blocking currently does not work with IE 9 on Windows Vista Service Pack 2 or Windows Server 2008 Service Pack 2. Support for IE 9 ActiveX blocking on those operating systems is expected to be in effect on Nov. 11, 2014.

ActiveX blocking can be problematic for organizations running older Web applications on company intranets. Consequently, Microsoft has disabled ActiveX blocking for applications listed in IE's Local Intranet Zone and its Trusted Sites Zone. There are also Group Policy controls that can be used to control ActiveX blocking. It can even be turned off, if wanted.

Microsoft describes those ActiveX blocking details for IT pros in this TechNet article.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Featured

  • Microsoft Previews Azure Bastion Service for Private VM Access

    Microsoft on Tuesday announced a preview of the Azure Bastion service, which lets a user connect to an Azure virtual machine (VM) using a private Internet connection.

  • Microsoft Deprecating Windows To Go

    Microsoft plans to put an end to its Windows To Go product in the near future, according to a Friday support article.

  • Microsoft Releases Hyper-V Server 2019 After Long Delay

    Acknowledging that the release took "way too long," Microsoft has made Hyper-V Server 2019 available for download from the Microsoft Evaluation Center page.

  • Forklift Container

    A Better Way To Upgrade Hyper-V Storage

    It's time again for Brien to perform a major storage upgrade on his Hyper-V hosts. But this time, he's taking a new approach.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.