RSSMicrosoft Rolls Out IE6 ActiveX Change
By Nate Mook | Published March 1, 2006, 12:19 PM
Microsoft this week delivered a long-awaited update for Internet Explorer 6 that changes the way the browser loads embedded ActiveX control. The modification comes as part of an ongoing patent dispute with Eolas Technology and the University of California.
The patent specifically involves the mechanisms used to embed interactive programs in a Web browser. Eolas successfully sued Microsoft in 2003 alleging IE's plug-in architecture infringed on its patent, and was awarded $521 million in damages, which has ballooned to $560 million due to interest.
In response, Microsoft said it would alter how the browser implemented ActiveX, but later backed away from the switch. Software affected by the patent would include Macromedia Flash, QuickTime, RealOne Player, Acrobat Reader, Sun's Java Virtual Machine, and Windows Media Player among other applications that embed into Web pages.
But following two legal setbacks in its efforts to invalidate the Eolas patent and have the ruling appealed, Microsoft said in December it would go ahead with the update.
In September, the U.S. Patent and Trademark Office upheld the patent despite claims of prior art. In late October, the U.S. Supreme Court refused to hear an appeal regarding the damages awarded to Eolas.
Microsoft is still planning to appeal the verdict on another legal front, but has opted not to wait for that outcome before changing ActiveX. The company says it will roll out the update to Internet Explorer 6 in phases.
The update -- available for Windows XP and Windows 2003 -- is currently available as an optional download from the Microsoft Download Center and Windows Update. Microsoft said it expects the majority of IE users to download the patch as part of their security updates over the next four to six months.
It's not clear if and when the company will issue an update for Windows 2000 users. Internet Explorer 7 for Windows XP and Windows Vista will include the change as well.
With the update, ActiveX controls will no longer be activated by default. This means users must first click on the control before it will recognize any input. However, Microsoft has posted instructions on how developers can bypass this restriction through the use of external scripts.
ActiveX controls that do not require interaction will continue to perform as they always have, Microsoft says. The change will likely have little effect on end-users, but may require minor updates to accessibility software that must now recognize an activate controls before taking action.
Microsoft has posted a security advisory containing more details on the change.
Can it be uninstalled?
Score: 0
|Turns out yes, it can.
http://cityofrain.com/?p=567
Score: 0
|It has left my I.E. less than fully functional. Unless there is some compelling reason, *avoid*. (I'm uninstalling -- I hope.)
And having to hit the space bar when it does work gets old *VERY* quickly, after about the third time having to do it. That major irritant has me thinking it is now [finally] time to ditch I.E. as much as possible. 'Tis interesting that I've never had a security problem with I.E. that made me think twice about ditching it, but this mosquito of a "fix" sure does. (Oops, I meant "feature.")
Ya know, Microsoft screws their competition, gets caught and must do this, and in the end it is the user that pays. (Thanks, Microsoft. You suck.)
Score: 0
|Ya know, I fail to understand how the competition was screwed in any way from the way ActiveX was implemented...you are right that the user pays in the end though. Anti-monopoly laws sound good on paper but man recently the consumer, which the anti-monopoly laws exist to PROTECT, ends up losing. The anti-monopoly laws are causing the opposite effect lately.
I don't really know what should be done about it. I do know our current laws are not working.
Score: 0
|So is there anything beneficial to installing this update? Seems to me like I should just ignore it.
Score: 0
|From a user standpoint there should be no difference whatsoever in installing this update. It makes sure that your browser is capable of using the new install method that developers will have to use, though, so it probably should be installed.
Score: 0
|Why won't they get rid of Active X I mean its a virus in itself, removing it altogether and using the same technology as all the other guys do would be hard to swallow I know. But just lay active x to rest already! Now it's even causing them legal trouble of course what hasn't.
Score: 0
|There are a lot of Active X controls that people use daily and don't realize it. Flash is probably the biggest of these. If Microsoft were to remove Active X completely, they might as well get out of the Internet business entirely as a majority of the web would be impacted.
Score: 0
|Bollocks: ActiveX works on windows with IE only anyway and does not contribute anything to the web. It may be good on intranets and other company networks, but it does not belong on the web with all it's vulnerabilities and proprietary rubbish. Any site using ActiveX is bad anyway, let's get rid of them.
Flash is not ActiveX, it works on Firefox as well as on MacOSX/Safari. It's a plugin, that doesn't make it ActiveX.
Let's get rid of windows too btw, it's bad. OSX is good. Now go away!
Score: 0
|The Flash and Shockwave "plugins" for IE are, in fact, ActiveX controls. They are not for other browsers. I'm not saying they couldn't do it differently, but ActiveX is the more efficient method for IE.
ActiveX is not the real problem... it has a lot of benefits to it. It's just been really to abuse in the past, but your mentality against it is outdated.
Score: 0
|From this user's standpoint, its installation made a most substantial (and decidedly negative) difference. Again, avoid until there is some compelling reason. Maybe MS will have it fixed by then.
(And even MS must be going nuts over the new "feature" of users having to tap the spacebar every few minutes simply to navigate the web. (I never realized just how much surfing I did without having need of the keyboard -- until I installed this "fix.")
Score: 0
|Man this is lame. Thanks Eolas you a** jammers
Score: 0
|... lame? When $520+ million are involved, I don't see the "lame" point.
On the other hand, this is sort of a pain, but how could MS miss it to start?
Score: 0
|The only reason $520 million is involved is because Eolas is living on the same greed syndrome plaguing a lot of other businesses these days--- the Corporate Lawsuit Syndrome-- where companies find it a successful business strategy to sue rather than sell.
Score: 0
|....providing a workaround thru external scripts to still have ActiveX run thru without interaction......sounds like a door ajar for some hacksters :>{......watching with interest.
Score: 0
|My thoughts exactly.
Score: 0
|How so? Before, they ran automatically - now they can run automatically if you add a script to your site.
Think of it like those annoying plugins that don't play unless you click inside their frame.
Score: 0
|Now, the Genuine Advantage ActiveX control can't be disabled in the Manage Add-ons options of Internet Explorer. The option is greyed out.
Score: 0
|It has nothing to do with this ActiveX update but an update to the Windows Genuine Advantage control.
Score: 0
|Man I try to keep up with everything goin on with Microsoft, but I completely missed this one. Interesting. What are the changes, specifically?
Score: 0
|http://support.microsoft.com/?kbid=912945
Score: 0
|Your not the only one.
Score: 0
|The change seems to make little difference on the majority of sites. From what I've seen so far, the most common items that are affected are interactive Flash and embedded WMP controls.
For example, if you mouse over a Flash nav bar a dotted border appears around it and a text popup appears which says "Click to activate and use this control". The item will work normally after it's been clicked but if the page is reloaded it will have to be clicked again. Embedded Windows Media players will still auto-start but have to be activated before the controls will function.
Score: 0
|