Today I had quite a scare. My end users asked when we started allowing Active X through the firewall. As you can image, I nearly dropped a pile on the spot.

Anyway, after examining the firewall, the Active X rule was still in place. I sniffed a windows update session which I confirmed no longer uses Active X controls, but instead, a mix of SSL and HTTP.

My guess is that the litigation over Active X has caused this *very* quiet change. For all you FW admins, don't panic when end users start asking why windows update suddenly works when you know that no firewall changes were made.

--TH13