Microsoft today detailed the October updates for Internet Explorer that was released earlier today and provided a preview of updates to out-of-date ActiveX control blocking coming in November 2014.
- Microsoft Security Bulletin MS14-056 – This critical security update resolves one publicly disclosed vulnerability and fourteen privately reported vulnerabilities in Internet Explorer. For more information see the full bulletin.
- Security Update for Flash Player (3001237) – This security update for Adobe Flash Player in Internet Explorer 10 and 11 on supported editions of Windows 8, Windows 8.1 and Windows Server 2012 and Windows Server 2012 R2 is also available. The details of the vulnerabilities are documented in Adobe security bulletin APSB11-22. This update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash binaries contained within Internet Explorer 10 and Internet Explorer 11. For more information, see the advisory.
They shared new updates on the out-of-date ActiveX control blocking feature, it now includes updates to our supported operating system and browser combinations and out-of-date Silverlight blocking.
Beginning January 12, 2016, we’re going to support the following operating system and browser combinations (for more info, see this announcement):
Windows operating system Internet Explorer version Windows Vista SP2 Internet Explorer 9 Windows Server 2008 SP2 Internet Explorer 9 Windows 7 SP1 Internet Explorer 11 Windows Server 2008 R2 SP1 Internet Explorer 11 Windows 8.1 Internet Explorer 11 Windows Server 2012 Internet Explorer 10 Windows Server 2012 R2 Internet Explorer 11
Right now, the out-of-date ActiveX control blocking feature works on all of these combinations except Windows Vista SP2 and Windows Server 2008 SP2 with Internet Explorer 9. Support for these combinations is expected to start on November 11, 2014.
Starting on November 11, 2014, we’re expanding the out-of-date ActiveX control blocking feature to block outdated versions of Silverlight. This update notifies you when a Web page tries to load a Silverlight ActiveX control older than (but not including) Silverlight 5.1.30514.0.
Read more about it here.