Microsoft to block outdated Java versions in Internet Explorer
Summary: Next week's Patch Tuesday updates will include a much-needed fix for Internet Explorer, blocking outdated versions of Java and preventing one of the most popular vectors for installing malware.
By Ed Bott for The Ed Bott Report | August 6, 2014 -- 18:54 GMT (19:54 BST)
Next week’s Patch Tuesday updates for Windows will include a monumental security fix. An update to Internet Explorer, for installation on PCs running Windows 7 Service Pack 1 or Windows 8.x, will introduce a new security feature called out-of-date ActiveX control blocking. ActiveX controls, which expand the capabilities of Internet Explorer in useful but also potentially dangerous ways, have been a headache for Windows users for more than a decade. Improvements in the design of ActiveX have progressively reduced its attack surface; the new framework provides a way to ensure that attackers can’t target known vulnerabilities in ActiveX controls that are installed but not updated to the most recent version.