Starting August 12th, Internet Explorer will start blocking out-of-date Java ActiveX controls. Oracle Java, along with Adobe Flash, have been a major vector used to plant malware on Windows systems for quite some time now. These Java or ActiveX controls need to be updated regularly, but are not done by most users, as a result of which malware has crept on to many a Windows machines, infecting them. Malicious or compromised Web sites target security flaws in outdated ActiveX Controls and install malware. In fact, Java exploits represented 84.6% to 98.5% of exploit kit-related detections each month in 2013.
Keeping this scenario in mind, Microsoft has taken a good step in deciding to block old and out-dated ActiveX Controls in Internet Explorer 8-11 on Windows 7 / 8 machines. Out-of-date AciveX controls on all Security Zones—such as the Internet Zone will be blocked, and you will see the following message:
Java(TM) was blocked because it is out of date and needs to be updated
Says Microsoft – Out-of-date ActiveX control blocking lets you:
1. Know when Internet Explorer prevents a Web page from loading common, but outdated, ActiveX controls.
2. Update the outdated control, so that it’s up-to-date and safer to use.
3. Interact with other parts of the Web page that aren’t affected by the outdated control.
4. Inventory the ActiveX controls your organization is using.
Although ActiveX controls have their use as they let websites provide rich content, like videos and games, they can be a serious threat if not updated regularly – as a result of which many users chose to disable or remove Java from their computers.