Starting November 2014, Microsoft will start blocking out-of-date ActiveX controls and Silverlight on Internet Explorer. The following IE versions on the said Windows operating systems will be supported, beginning January 2016:
|Windows operating system||Internet Explorer version|
|Windows Vista SP2||Internet Explorer 9|
|Windows Server 2008 SP2||Internet Explorer 9|
|Windows 7 SP1||Internet Explorer 11|
|Windows Server 2008 R2 SP1||Internet Explorer 11|
|Windows 8.1||Internet Explorer 11|
|Windows Server 2012||Internet Explorer 10|
|Windows Server 2012 R2||Internet Explorer 11|
The IE blog says:
“…as part of our ongoing commitment to delivering a more secure browser, we want to help you stay up-to-date with the latest versions of popularly installed ActiveX controls. Today, we’d like to share two exciting updates to the out-of-date ActiveX control blocking feature: updates to our supported operating system and browser combinations and out-of-date Silverlight blocking.”
The blog post further mentions that,
“Starting on November 11, 2014, we’re expanding the out-of-date ActiveX control blocking feature to block outdated versions of Silverlight. This update notifies you when a Web page tries to load a Silverlight ActiveX control older than (but not including) Silverlight 5.1.30514.0.”
What is the risk with out-of-date ActiveX controls
To understand the concept of out-of-date ActiveX control blocking, lets first understand what ActiveX controls are. The Activex controls are also known as ‘add-ons’ and these are the small applications which let the websites provide content such as games, videos and animations. With ActiveX controls you can interact with the toolbar. These ActiveX controls or add-ons are good; but these are not updated automatically. Hence, even if newer version of an ActiveX control is launched, the out-of-date ActiveX control remains on your system as it is. This poses as a major threat to your system’s security; because malware can target our system’s security flaws with these out-of-date ActiveX controls. The malware can collect your information using the weak point such as out-of-date ActiveX controls and can install unwanted software. Worse, the malware can hand over the control of your machine to someone else, like a hacker.
To avoid such security violations, IE has started the new activity called as ‘out-of-date AcriveX control blocking’.
How out-of-date ActiveX control blocking will work
- The out-of-date ActiveX control blocking updates the outdated ActiveX control, making it safe for use.
- With this facility you can use the other parts of the webpage which are unaffected by the outdated control.
- This activity also makes you aware of behavior of Internet Explorer when dealing with out-of-date ActiveX control.
You can read more about this on the official IE blog.