Internet Explorer ActiveX update (912945)


The information in this article applies to:

  • Microsoft Internet Explorer 6.0, when used with:
    • Microsoft Windows Server 2003, Standard x64 Edition
    • Microsoft Windows Server 2003, Datacenter x64 Edition
    • Microsoft Windows Server 2003, Enterprise x64 Edition
    • Microsoft Windows Server 2003 SP1, when used with:
      • Microsoft Windows Server 2003, Datacenter Edition for Itanium-based Systems
      • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
      • Microsoft Windows Server 2003, Standard Edition
      • Microsoft Windows Server 2003, Datacenter Edition
      • Microsoft Windows Server 2003, Enterprise Edition
      • Microsoft Windows Server 2003, Web Edition
    • Microsoft Windows XP Professional x64 Edition
    • Microsoft Windows XP Service Pack 2, when used with:
      • Microsoft Windows XP Professional
      • Microsoft Windows XP Home Edition
      • Microsoft Windows XP Media Center Edition 2005
      • Microsoft Windows XP Tablet PC Edition
      • Microsoft Windows XP Tablet PC Edition 2005
      • Microsoft Windows XP Starter Edition

INTRODUCTION

Microsoft is releasing a software update to Microsoft Internet Explorer 6 for Microsoft Windows XP Service Pack 2 (SP2) and for Microsoft Windows Server 2003 Service Pack 1 (SP1). This update changes the way in which Internet Explorer handles some Web pages that use ActiveX controls and Java applets. Examples of ActiveX controls include the following:

Adobe Reader
Apple QuickTime Player
Macromedia Flash Player
Microsoft Windows Media Player
Real Networks RealPlayer
Sun Java Virtual Machine

After you install this update, you cannot interact with ActiveX controls from certain Web pages until these controls are enabled. To enable an ActiveX control, manually click the control. There are also techniques that Web developers can use to update their Web pages. For more information about these techniques, visit the following MSDN Web site:

http://msdn.microsoft.com/ieupdate

When you install this update, the Plugin.ocx binary is completely removed from Windows Server 2003 and Windows XP. The Plugin.ocx binary is a private component of Internet Explorer without any public interfaces. Plugin.ocx is used to host Netscape plug-ins as ActiveX controls. The functionality of Plugin.ocx was disabled in 2003 in Windows Server 2003 and Windows XP for security reasons. This update removes the non-functional Plugin.ocx code completely.

As part of this Internet Explorer update, Microsoft will release updates to the current versions of Windows XP and of Windows Server 2003. All client operating systems will be updated. These client operating systems include the following:
  • Windows XP Starter Edition
  • Windows XP Home Edition
  • Windows XP Professional Edition
  • Windows XP Tablet PC Edition
  • Windows XP Media Center Edition
  • Windows XP Professional for Embedded Systems
Currently, Microsoft has not released updates for earlier versions of Internet Explorer, Windows Server 2003, or Windows XP. However, Microsoft may release updates for these earlier versions in the future. More information about release schedules will be posted in this article when the information becomes available.

The following files are available for download from the Microsoft Download Center:

Update for Internet Explorer for Windows Server 2003, 32-bit x86-based versions with Service Pack 1:

DownloadDownload the 912945 package now.

Update for Internet Explorer for Windows Server 2003, 64-bit Itanium-based versions with Service Pack 1:

DownloadDownload the 912945 package now.

Update for Internet Explorer for Windows Server 2003, 64-bit x64-based versions:

DownloadDownload the 912945 package now.

Update for Internet Explorer for Windows XP Professional x64 Edition:

DownloadDownload the 912945 package now.

Update for Internet Explorer for Windows XP with Service Pack 2:

DownloadDownload the 912945 package now.

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

MORE INFORMATION

Known issues

  • Internet Explorer ActiveX update that is contained in security update 912812 is disabled

    After you deploy update 912945 for Internet Explorer, the behavior of the Internet Explorer ActiveX update that is contained in security update 912812 is disabled. The security fixes that are contained in security update 912812 are still present and will still function. Only the Internet Explorer ActiveX update behavior is disabled.
  • Web page rendering issues within Internet Explorer

    This issue occurs if Mshtml.dll is ever reregistered after you install this cumulative update. This issue is resolved in security update 912812 for Internet Explorer.

    912812 MS06-013: Cumulative security update for Internet Explorer


    We recommend that you install security update 912812 for Internet Explorer instead of installing update 912945 that is described in this article.
  • Initial logon dialog boxes may reappear and reset to default configurations

    This issue occurs if you deploy the hotfix version of this software update on 64-bit systems, such as an Itanium-based or x64-based version of Microsoft Windows Server 2003 or an x64-based version of Windows XP with their respective service packs. In this case, the initial logon dialog boxes may appear for applications and for Windows components. Additionally, some settings reset to default. This behavior may cause the following issues:
    • Applications ask users to opt in to privacy features.
    • Default settings for Internet Explorer favorites are reset.
    • Internet Explorer security zones are reset to default settings.
    • Internet Explorer advanced settings are reset to default settings.
    • Initial Windows Media Player dialog boxes appear.
    This issue is resolved in security update 912812 for Internet Explorer.
  • Google Toolbar

    You may experience an access violation in the Google Toolbar when you close a window that contains an inactive ActiveX control. Microsoft and Google technical teams have been working together to address this issue. Google is expected to fix this problem by using its automatic "servicing mechanism" for Google Toolbar users. This problem affects Google Toolbar versions before version 3.0.129.2. Visit the following Google Web site to download the latest version:

    http://toolbar.google.com

  • External script technique does not work when the "Disable Script Debugging (Internet Explorer)" check box is cleared

    This issue is resolved in security update 912812 for Internet Explorer.
  • ActiveX controls that use Java Platform, Standard Edition 1.3 or 1.4

    After you click on an ActiveX applet control in a program that runs the applet control by using Java Platform, Standard Edition (J2SE) 1.3 or J2SE 1.4, the focus does not go to the applet control. You must click the control a second time to establish focus. The focus behavior works correctly in J2SE 1.5. To obtain the latest version of J2SE, visit the following Sun Microsystems, Inc. Web site:

    http://java.sun.com/j2se

  • Unable to use the /integrate switch to update Windows installation source files

    Administrators are unable to use the /integrate switch to update Windows installation source files with this update. This is expected to be fixed in the next update for Windows Server 2003 and Windows XP. To work around this issue, use the Sysprep tool. For more information, visit the following Microsoft Web site:

    http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/duplication.mspx

    This issue is resolved in security update 912812 for Internet Explorer.
  • Siebel programs that use ActiveX controls

    Software update 912945 affects all Siebel 7 High Interactive clients. After you apply this update, you must click several times to interact with the Siebel program, one time for each ActiveX control in the program. Siebel is working with Microsoft to identify a solution. A Siebel product update is expected to be released some time in the spring of 2006. For more information about Siebel product updates, visit the following Siebel Support Web site:

    https://ebusiness.siebel.com/supportweb/

  • Substring match opt-in process names

    By default, certain applications have process names that are a subset of applications that are opted in to the new ActiveX behavior. An example would be APExplorer.exe, where a substring of this name is Explorer.exe. Therefore, Explorer.exe is opted in to the new ActiveX behavior. Such applications exhibit the new ActiveX behavior.

    This issue is resolved in security update 912812 for Internet Explorer.
  • MFC controls leave a permanent window

    In certain cases, when navigating away from a page with an MFC ActiveX control, the control still appears in the new window. This issue is resolved in security update 916281 for Internet Explorer.
  • Visual Basic controls do not appear

    In certain cases, controls created in Visual Basic that are displayed with display and visibility CSS attributes may not appear. This issue is resolved in security update 916281 for Internet Explorer.
  • Security warning message when you try to open a PDF document from a secure (https://) Web page

    When you try to open a PDF document from a secure (https://) Web page, you incorrectly receive a security warning message for mixed content. This issue is resolved in security update 916281 for Internet Explorer.
For recommended techniques to make sure that ActiveX controls function without user interaction, visit the following MSDN Web site:

http://msdn.microsoft.com/ieupdate

The following issues occur on Web sites that do not use the recommended techniques.

Note All these issues are resolved by using the techniques that are described on the MSDN Web site.
  • Scrolling
    When you use the mouse wheel to scroll through a page that contains an interactive control, the control may not be displayed correctly. This issue is resolved in security update 912812 for Internet Explorer.
  • Abstract Window Toolkit
    Access violations have been reported with Java programs that use Abstract Window Toolkit (AWT) classes in the user interface. This issue is resolved in security update 912812 for Internet Explorer.
  • Transparent Flash
    A full-page ad disappears, but the focus rectangle remains. In this situation, the control is still there, but it is transparent. Therefore, the associated overlay window remains on the page.
  • DHTML menus
    When a DHTML menu is expanded, the menu may appear on top of an ActiveX control. If you click the menu in this situation, you enable the control instead of gaining access to the DHTML menu. The overlay window has the highest z-order. Therefore, this window receives the mouse-click message.
  • Controls that prompt before they are loaded
    When certain controls are loaded on a Web page, the controls are not correctly masked by the functionality of this update. These controls include controls that are used in Macromedia Shockwave Director, in QuickTime Player, and in Virtools Web Player. When Windows determines that a control is inactive, the system prompts the user before the control is loaded.
  • CSS attributes on controls
    Controls that are hidden or that have a display-mode setting of None, but that do have size dimensions, display the focus rectangle when you move the pointer over them.
    This issue is resolved in security update 916281 for Internet Explorer.

Technical support for x64-based versions of Microsoft Windows

Your hardware manufacturer provides technical support and assistance for x64-based versions of Windows. Your hardware manufacturer provides support because an x64-based version of Windows was included with your hardware. Your hardware manufacturer might have customized the installation of Windows with unique components. Unique components might include specific device drivers or might include optional settings to maximize the performance of the hardware. Microsoft will provide reasonable-effort assistance if you need technical help with your x64-based version of Windows. However, you might have to contact your manufacturer directly. Your manufacturer is best qualified to support the software that your manufacturer installed on the hardware.

For product information about Microsoft Windows XP Professional x64 Edition, visit the following Microsoft Web site:

http://www.microsoft.com/windowsxp/64bit/default.mspx

For product information about x64-based versions of Microsoft Windows Server 2003, visit the following Microsoft Web site:

http://www.microsoft.com/windowsserver2003/64bit/x64/default.mspx

Microsoft is researching this problem and will post more information in this article when the information becomes available. The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.
Modification Type:MinorLast Reviewed:6/14/2006
Keywords:kbWebBrowser kbActiveXScript kbonline kbExpertiseAdvanced kbhowto kbFAQ KB912945 kbAudDeveloper kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.