Corporate developers who are not ready for an upcoming Internet Explorer update are getting a reprieve, in the shape of an optional "compatibility patch" that will undo some changes.
The next security update for Internet Explorer, expected by April 11, is scheduled to include changes to the way ActiveX processes dynamic content, made as a result of Microsoft's patent dispute with Eolas. These changes will force developers to alter their websites and Intranets, but Microsoft said Wednesday that it now plans to also release a second "compatibility patch," that will undo the ActiveX changes.
Without the compatibility patch, programmers must make changes to their server software. Otherwise, Internet Explorer users have to click on a pop-up dialog box to interact with Flash or QuickTime.
The compatibility patch will allow users to avoid these so-called "tool tip" boxes on sites that have not made the changes, but only for a limited time.
"This patch will function until the June IE security update is released at which time the changes to ActiveX are permanent," said a Microsoft spokesman That update is scheduled to be released 13 June.
Microsoft is making the ActiveX changes in order to comply with a 2003 ruling against the company that found it had violated a patent held by Eolas Technologies and the University of California. Though Microsoft is appealing this ruling, and challenging the validity of the patent with the US Patent Office, Microsoft must still make the changes, or risk being found in contempt of court.
Though website operators and corporate developers are facing headaches, these changes will amount to little more than an annoyance for most IE users. They will not actually prevent Flash or QuickTime from running, but simply add the extra step of clicking on the dialogue box.
The compatibility patch will be of more use to corporate IT departments than Web site operators, because corporate shops will be in a position to control whether or not their users install the software.
"While most Internet sites have already prepared for the ActiveX changes, some enterprise customers have given feedback that more time is needed to ensure applications are compatible with the ActiveX changes," the Microsoft statement said.
This next security update will be an important one, as it will also fix an unpatched vulnerability in Internet Explorer that hackers have been exploiting for a number of days. This bug, which relates to the way Internet Explorer processes Web pages using the createTextRange() method, is considered critical because it can be exploited by hackers to run unauthorised software on a victim's machine.