Microsoft’s latest security patches require “some planning” before implementation because they change the way that the browser interacts with ActiveX code, experts have warned.
Industry analyst Gartner said the patches released on 11 April to fix the critical “createtextrange” bug in Internet Explorer also contains a non-security update designed to address a patent dispute.
“Organisations should expect this security update to have a greater impact on an environment than past security patches, and should prepare for this change prior to deploying the patch,” Gartner warned.
The update changes the way Explorer interacts with ActiveX code used to display interactive web content, such as Macromedia Flash features, preventing them from running automatically. HTML authoring changes must be made to avoid this behaviour, Gartner said.
“Organisations that use ActiveX code in their web applications may need to make the server-side changes to their ActiveX code,” the analyst firm recommended. “Users should be informed of the changes to IE so that they will not needlessly burden internal support with questions.”
The update was made to address a patent dispute with University of California-backed company Eolas Technologies, which has won $500m (£295m) in damages from Microsoft. The software giant appealed and won the right to a second trial, expected later this year.
Microsoft was hit by a second major patent defeat yesterday, when a US jury ordered it to pay $115m (£64m) to David Colvin, the founder of Z4 Technologies, in a dispute over patents for anti-piracy software.