Developers urged to test applications to prevent outages
vnunet.com, 31 Mar 2006
Microsoft plans to publicly release an update to its ActiveX technology on 11 April that aims to circumvent a patent owned by Eolas and the University of California.
The update will disable all ActiveX elements on a webpage until users click on the page or until they press the tab and enter keys.
ActiveX is a technology inside Internet Explorer that enables the integration of interactive components in a web page.
The technology can power elements like animations and pop-up menus on a web page. It is used by a slew of applications including Acrobat Reader, Flash, Windows Media Player and RealPlayer.
A jury found in 2003 that Microsoft's browser infringed on a patent owned by Eolas and the University of California.
The software vendor was ordered to pay $521m in damages. Microsoft has vowed to fight the ruling, but has so far been unsuccessful in getting the patent invalidated.
The pending modifications will not alter the outcome of the previous lawsuit, but do ensure that Microsoft will not have to purchase a licence on the disputed patent.
Microsoft warned in a blog posting that the update might break existing ActiveX applications and advised developers to test their software.
The patch has been available as an optional download from Microsoft's website since 28 February and will be distributed as part of the firm's next update cycle on 11 April.
Enterprises requiring more time to test in-house applications can use a so-called 'compatibility patch' that prevents the update from installing.
The compatibility patch will delay the installation of the actual patch for up to two months, but Mike Nash, corporate vice president of Microsoft's Security Business and Technology Unit, asked users to show restraint in applying the patch.
"I strongly advise you not to use this [compatibility] patch if you can avoid it. If you do use the patch, remove it as soon as you fix your application so that you can be sure that your applications work with the new ActiveX functionality," Nash said in the blog posting.
Other than the requirement for consumers to click or press keys to activate ActiveX controls, the update will not have any impact on consumers.
Zero day attack hits the web
2005 was watershed year for zero-day exploits, warns security firm
Remote access - Three steps to getting connected
3.4 million UK professionals now work from home – is your company equipped?
Cost benefits of a global collaboration network
This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications
Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.
Open Text chief predicts more consolidation in ECM market
We ask the BlackBerry maker's head of security what CIOs...
Do you agree?
Have your say on this article