Before I answer this, I want to acknowledge that we have a problem if people are asking this question. Listing what we’ve done or our priorities will help but won’t address the problem. Responding to specific questions with a great product and great documentation (for developers, for IT professionals, for deployment specialists, and for other customers as well), and doing that consistently for as long as we’ve been quiet about IE will help more.
So, what happened after Microsoft released IE6? Mostly the same things that happen after any product releases. Briefly:
So, what did we (Microsoft, not just IE) do? I don’t intend this as an excuse for what we haven’t done, but as a fair description of what we did do. Briefly:
I want to call out XP SP2 in particular. Our goal was to eliminate entire classes of vulnerabilities while maintaining compatibility with applications, add-ins, and services. I think this was a strong step forward.
There’s also tremendous work on Avalon and XAML that the world is only starting to see. You can read more about that on other blogs, both on MSDN and off (for example, Chris Anderson’s).
I think the unarticulated question behind “What have you guys been doing?” is “Do you think it’s enough?” I want to answer clearly: No, it’s not enough. It’s a good start, but we need to do more (product) and communicate more (acknowledge that we’re listening, post responses, and reflect that feedback in the product). That’s why we’re working on IE7.