Microsoft has announced Internet Explorer (IE) will begin blocking outdated ActiveX controls from September 9 by default.
ActiveX is a software framework used by websites to deliver videos and games to users, but is thought by Microsoft to pose a security risk.
Tim Rains, director of trustworthy computing at Microsoft, said: "While ActiveX controls have become increasingly popular over time, many of these applications are neglected or left unpatched for long periods of time potentially leaving people exposed and vulnerable to attack from cybercriminals.
"This is because many ActiveX controls that exist today are not automatically updated."
Users of IE9, 10 and 11 will be a sent a warning when an outdated ActiveX control attempts to run from a website, giving them the option to update their software or run the application.
According to Microsoft, Oracle’s Java Runtime Environment accounted for between 84.6% to 98.5% of exploit kit detections every month during 2013.