The way I read security Bulletin MS06-013, the change has already been released, but a patch in IE is keeping it from being active. As quoted in the bulletin, "This Compatibility Patch will function until an Internet Explorer update is released as part of the June update cycle, at which time the changes to the way Internet Explorer handles ActiveX controls will be permanent."
This is also taken from the bulletin:
Some of the important modifications include the following:In addition to the security bulletin, Microsoft also has a TechNote: MS06-013: Cumulative security update for Internet Explorer. The TechNote talks about some potential issues with:
- Security level for the Internet zone is set to High. This setting disables scripts, ActiveX controls, Microsoft Java Virtual Machine (MSJVM), and file downloads.
- Automatic detection of intranet sites is disabled. This setting assigns all intranet Web sites and all Universal Naming Convention (UNC) paths that are not explicitly listed in the Local intranet zone to the Internet zone.
- Install On Demand and non-Microsoft browser extensions are disabled. This setting prevents Web pages from automatically installing components and prevents non-Microsoft extensions from running.
- Multimedia content is disabled. This setting prevents music, animations, and video clips from running.
- Siebel 7
- Java Platform, Standard Edition 1.3, or 1.4
- WMV HD DVD
- Unexpected page load
If you're still with me, and you have not tried Firefox yet, this would be a good time.