News

IE To Block Outdated Silverlight Plug-ins Next Month

Microsoft provided some news today about its Internet Explorer ActiveX blocking feature, including future support for blocking outdated Silverlight plug-ins.

ActiveX blocking is an IE security feature in that took effect on Sept. 9. It's been limited, so far, to acting on outdated Oracle Java ActiveX installations in IE. Users of the IE browser get a warning message that the old Java ActiveX control was blocked. They can then choose to either update the ActiveX control or run the control that was blocked (something that's not recommended by Microsoft). The problem with running outdated ActiveX controls is that they can be subject to malware exploits.

Many organizations may be just starting to get their feet wet with using the ActiveX blocking feature, but Microsoft is gradually expanding its scope. For instance, ActiveX blocking will be expanded to block outdated Silverlight plug-ins, starting on Nov. 11, 2014, Microsoft announced today. Silverlight is a browser plug-in that enables multimedia content on browsers. The ActiveX blocking feature will alert an IE browser user if they are running Silverlight plug-ins older than version 5.1.30514.0.

Microsoft's announcement also noted that ActiveX blocking currently does not work with IE 9 on Windows Vista Service Pack 2 or Windows Server 2008 Service Pack 2. Support for IE 9 ActiveX blocking on those operating systems is expected to be in effect on Nov. 11, 2014.

ActiveX blocking can be problematic for organizations running older Web applications on company intranets. Consequently, Microsoft has disabled ActiveX blocking for applications listed in IE's Local Intranet Zone and its Trusted Sites Zone. There are also Group Policy controls that can be used to control ActiveX blocking. It can even be turned off, if wanted.

Microsoft describes those ActiveX blocking details for IT pros in this TechNet article.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Featured

  • Microsoft Nabs IoT Platform Provider Express Logic

    As part of its plan to invest $5 billion in IoT technologies, Microsoft this week acquired Express Logic, which provides real-time operating systems for industrial embedded and IoT devices.

  • Dealing with Broken Dependencies in SCVMM

    Brien shows you how to resolve some broken, template-related dependencies in Microsoft's System Center Virtual Machine Manager.

  • AzCopy Preview Adds AWS S3 Data Transfer Improvements

    Microsoft announced this week that it has improved the preview version of its AzCopy tool to better handle Amazon Web Services (AWS) S3 data.

  • Microsoft Adding Google G Suite Migration in Exchange Admin Center

    Microsoft's Exchange Admin Center will be getting the ability to move Google G Suite calendar, contacts and e-mail data over to the Office 365 service "in the coming weeks."

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.