IE To Block Outdated Silverlight Plug-ins Next Month
Microsoft provided some news today about its Internet Explorer ActiveX blocking feature, including future support for blocking outdated Silverlight plug-ins.
ActiveX blocking is an IE security feature in that took effect on Sept. 9. It's been limited, so far, to acting on outdated Oracle Java ActiveX installations in IE. Users of the IE browser get a warning message that the old Java ActiveX control was blocked. They can then choose to either update the ActiveX control or run the control that was blocked (something that's not recommended by Microsoft). The problem with running outdated ActiveX controls is that they can be subject to malware exploits.
Many organizations may be just starting to get their feet wet with using the ActiveX blocking feature, but Microsoft is gradually expanding its scope. For instance, ActiveX blocking will be expanded to block outdated Silverlight plug-ins, starting on Nov. 11, 2014, Microsoft announced today. Silverlight is a browser plug-in that enables multimedia content on browsers. The ActiveX blocking feature will alert an IE browser user if they are running Silverlight plug-ins older than version 5.1.30514.0.
Microsoft's announcement also noted that ActiveX blocking currently does not work with IE 9 on Windows Vista Service Pack 2 or Windows Server 2008 Service Pack 2. Support for IE 9 ActiveX blocking on those operating systems is expected to be in effect on Nov. 11, 2014.
ActiveX blocking can be problematic for organizations running older Web applications on company intranets. Consequently, Microsoft has disabled ActiveX blocking for applications listed in IE's Local Intranet Zone and its Trusted Sites Zone. There are also Group Policy controls that can be used to control ActiveX blocking. It can even be turned off, if wanted.
Microsoft describes those ActiveX blocking details for IT pros in this TechNet article.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.