This month's Patch Tuesday update for Internet Explorer will include a new feature: it will block out-of-date ActiveX controls.

More specifically, it will block out-of-date versions of the Java plugin. Although Microsoft is describing the feature as an ActiveX block, the list of prohibited plugins is currently Java-centric. Stale versions of Flash and Silverlight will be able to stick around, at least for now, though Microsoft says that other out-of-date ActiveX controls will be added to the block list later.

Old, buggy versions of the Java plugin have long been used as an exploit vector, with Microsoft's own security report fingering Java in 84.6 to 98.5 percent of detected exploit kits (bundles of malware sold commercially). Blocking obsolete Java plugins should therefore go a long way toward securing end-user systems.

The block is not a hard barrier; it will give users the ability to override it on a one-off basis. The block is also not applied to Internet Explorer's Trusted Sites or Local Intranet zones. This will enable corporations who are forced to stick with obsolete plugin versions for compatibility reasons to use old plugin versions for corporate content without exposing themselves to Internet-based malware.