Microsoft offers more time on Eolas changes

Microsoft will give corporate developers a 60 day reprieve before upcoming changes to ActiveX will be mandatory.

Corporate developers who are not ready for an upcoming Internet Explorer update are getting a reprieve.

The next security update for Internet Explorer, expected by April 11, is scheduled to include changes to the way ActiveX processes dynamic content. These changes will force developers to make changes to their Web sites and Intranets, but Microsoft said Wednesday that it now plans to also release a second "compatibility patch," that will undo the ActiveX changes.

Without the compatibility patch, programmers must make changes to their server software. Otherwise, Internet Explorer will force users to click on a pop-up "tool tip" dialog box before being able to interact with things like Flash or QuickTime.

The compatibility patch will allow users to avoid the tool tip boxes on sites that have not made the changes, but only for a limited time.

"This patch will function until the June IE security update is released at which time the changes to ActiveX are permanent," said Microsoft's public relations agency in an e-mail statement. That update is scheduled to be released June 13.

Microsoft is making the ActiveX changes in order to comply with a 2003 ruling against the company that found it had violated a patent held by Eolas Technologies and the University of California. Though Microsoft is appealing this ruling, and challenging the validity of the patent with the U.S. Patent Office, Microsoft still must make the changes or risk being found in contempt of court.

Though Web site operators and corporate developers are facing headaches, these changes will amount to little more than an annoyance for most IE users. They will not actually prevent Flash or QuickTime from running, but simply add the extra step of clicking on the tool tip.

The compatibility patch will be of more use to corporate IT departments than Web site operators, because corporate shops will be in a position to control whether or not their users install the software.

"While most Internet sites have already prepared for the ActiveX changes, some enterprise customers have given feedback that more time is needed to ensure applications are compatible with the ActiveX changes," the Microsoft statement said.

This next security update will be an important one, as it will also fix an unpatched vulnerability in Internet Explorer that hackers have been exploiting for a number of days now. This bug, which relates to the way Internet Explorer processes Web pages using the createTextRange() method, is considered critical because it can be exploited by hackers to run unauthorized software on a victim's machine.

Elizabeth Montalbano contributed to this story

Join the newsletter!

Error: Please check your email address.

More about Microsoft

Show Comments

Market Place