A lot has been made over the security of ActiveX, and Microsoft themselves have several FAQs on the subject. However, the the company is taking steps to actively protect customers, by blocking older versions of the software on PCs — specifically within Internet Explorer.
The process will begin August 12th, and will be ongoing. These controls are small apps that let the customer control web content such as videos and games, but many of the older versions are no longer being updated, leading to a potential hazard for the average customer who doesn’t know.
“It’s very important that you keep your ActiveX controls up-to-date because malicious or compromised Web pages can target security flaws in outdated controls to collect information, install dangerous software, or by let someone else control your computer remotely”, Microsoft states.
That’s not quite as easy as it should be. These tiny apps do not update automatically — it’s left up to the customer to do the heavy lifting. The company cites Java, perhaps the worst offender, stating that it represents about 90-percent of the vulnerabilities, and users do not know better about upgrading it. Microsoft does not wish for the same outcome with ActiveX.
“To help avoid this situation with ActiveX controls, an update to Internet Explorer on August 12, 2014 will introduce a new security feature, called out-of-date ActiveX control blocking”, the company says.
In other words, if you are using an older version of the ActiveX software, then either upgrade or be prepared for parts of the web to stop working for you soon. Likely not an issue for the folks who read sites like this, but you may want to help out a friend or family member.Further reading: ActiveX, Microsoft