Today, Microsoft has shipped this month’s Patch Tuesday updates, and together with new security patches, the company has also rolled out a feature that enables Internet Explorer to block outdated ActiveX controls that could pose a security threat to users browsing the web.

While options to do this were implemented in Internet Explorer last month, during the very same Patch Tuesday rollout, Microsoft has enabled it today, claiming that it wanted to give webmasters more time to prepare their websites for this transition.

“The top deployment priority for our customers this month is the update for Internet Explorer, which addresses 37 CVEs. In case you missed it, the August update for Internet Explorer also included new functionality to block out-of-date ActiveX controls. This functionality will be enabled with today’s update,” Dustin Childs, Group Manager, Response Communications, Microsoft Trustworthy Computing, has said in an announcement today.

Old Java versions to be blocked starting today

This new update indeed blocks outdated ActiveX controls, so starting today, the following versions of Java will stop working with Internet Explorer:

J2SE 1.4, everything below (but not including) update 43
J2SE 5.0, everything below (but not including) update 71
Java SE 6, everything below (but not including) update 81
Java SE 7, everything below (but not including) update 65
Java SE 8, everything below (but not including) update 11

Whenever they load a website that hosts an outdated ActiveX control, users are provided with a notification saying that “Java was blocked because it is out of date and needs to be updated.” Two options are displayed, namely “Update” and “Run this time.”

How it works

Basically, the new feature is entirely based on a file hosted on Microsoft’s servers, that tells Internet Explorer which ActiveX Controls are safe to load and which are not.

The file is called versionlist.xml, and Microsoft has promised to update it frequently in order to make sure that users are perfectly secure when browsing websites that might hold such controls.

“This file is updated with newly-discovered out-of-date ActiveX controls, which Internet Explorer automatically downloads to your local copy of the file. We are initially flagging older versions of Java, but over time will add other outdated ActiveX controls to the list,” the company says.

The new ActiveX control blocking feature works with the newest Internet Explorer versions currently on the market, but it’s only available on Windows 7 SP1 and up, Windows Server 2008 R2 SP1 and up. All IE versions from 8 to 11 are getting it.

As it happens with all improvements released by Microsoft, this new one is delivered via Windows Update, so Internet Explorer should start blocking old ActiveX controls once you install this month’s Patch Tuesday updates.