Significant changes made in a security patch from Microsoft to the way Internet Explorer processes ActiveX can cause Siebel 7 client software to lock up and become unusable.

The Siebel problem is one of several issues that prompted Microsoft to release a "compatibility patch" in conjunction with this month's security updates, which undoes the ActiveX changes for another 60 days.

The ActiveX changes in question were made in response to a 2003 court ruling, which found that Microsoft had violated a software patent held by Eolas Technology and the University of California. Microsoft has been including the changes in optional releases of Internet Explorer for months, now, but on Tuesday they were rolled into a set of security patches, called MS06-013, effectively making them mandatory.

MS06-013 changes the way ActiveX processes dynamic content, forcing some users to click on pop-up "tool tip" windows before being able to run things like Flash or Quicktime animation.

But with Siebel client software, which runs inside a browser using ActiveX controls, the application can appear to be completely broken, according to Wayne Smiley, operations manager with Quest Software in Aliso Viejo, Calif.

"In most cases it shows you the proper thing, but you can't actually interact with it," he said. "It's like it's frozen in front of you."

Smiley, who is in the early stages of rolling out a company-wide IE update has also added the Microsoft compatibility patch in order to keep his Siebel software working. Thanks to that, he says he has experienced "no issues so far."

But he believes that there may be other Siebel users who were unaware of the ActiveX issue. "It was by sheer luck that we happened to stumble on this before it was an issue," Smiley said. "I'll bet a lot of people got caught completely off guard."

Though there have been some reports of problems with "very minor" issues with the Eolas ActiveX changes following Tuesday's security update, the Siebel issue is "the only one that seems to have a larger impact," said Gary Schare, director of IE product management with Microsoft.

Oracle Corp., which completed its acquisition of Siebel in January of this year, plans to issue a software patch that fixes this problem in May, the company said Friday. This will be just in time for users like Smiley, because Microsoft's compatibility patch is expected to be available only until June.

The IDG News Service is a Network World affiliate.