This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
With the update in place, Internet Explorer 6 won't run some ActiveX controls until they've been explicitly enabled by the user.
Microsoft Tuesday updated Internet Explorer 6 for Windows XP SP2 and Windows Server 2003 SP1, but denied that the changes were security related.
"The update is labeled as 'non-security' given that it does not include any new updates that affect the security of IE," said a company spokesman Tuesday afternoon.
With the update in place, IE 6 won't run some ActiveX controls until they've been explicitly enabled by the user. Last December, Microsoft posted a note to Web site and ActiveX developers warning them that the change was coming. In that note, the Redmond, Wash.-based developer said that controls loaded by the APPLET, EMBED, or OBJECT elements would be disabled unless the user turned them on.
Although Microsoft says this is not a security update, its connection with ActiveX is reminiscent of several security fixes during 2005 that covered the browser and the control technology. Microsoft has struggled to firm up ActiveX security, particularly in denying controls that have no reason to access the Internet from doing so.
IE 7, which is in beta testing, actually disables most ActiveX controls out of the gate in an attempt to protect users.
The correction comes two weeks after Microsoft released its last patch for IE, a fix for IE 5.01 running on Windows 2000. Microsoft made a point to stress this update has nothing to do with the patch unveiled earlier in the month.
Tuesday's update is available from Microsoft's Download Center and as an option on Windows Update.
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
The State of IT & Cybersecurity Operations 2020Download this report from InformationWeek, in partnership with Dark Reading, to learn more about how today's IT operations teams work with cybersecurity operations, what technologies they are using, and how they communicate and share responsibility--or create risk by failing to do so. Get it now!