Browse by Tags

IEBlog

Internet Explorer Team Blog
  • Blog Post: August updates for Internet Explorer

    The August update for Internet Explorer includes updates to the WebGL and F12 features, in addition to the latest security updates. As discussed on the Windows blog , we’ll continue to use our existing monthly update process to deliver more frequent improvements in addition to security updates. ...
  • Blog Post: Stay up-to-date with Internet Explorer

    As we shared in May , Microsoft is prioritizing helping users stay up-to-date with the latest version of Internet Explorer. Today we would like to share important information on migration resources, upgrade guidance, and details on support timelines to help you plan for moving to the latest Internet...
  • Blog Post: August 2013 Internet Explorer Updates

    Microsoft Security Bulletin MS13-059 - Critical This security update resolves eleven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially-crafted Web page using Internet Explorer. An attacker who successfully...
  • Blog Post: CORS for XHR in IE10

    The fourth platform of IE10 simplifies building cross-site scenarios that work consistently across browsers by supporting Cross-Origin Resource Sharing (CORS) for XMLHttpRequest (XHR) . CORS for XHR makes sharing data across sites simple and flexible. In the most basic scenario CORS enables creating...
  • Blog Post: Defense in Depth: Locking Down Mash-Ups with HTML5 Sandbox

    The Web is better when developers can build safer experiences in their sites. With each release of Internet Explorer, we’ve led the way with improvements to the browser to help ensure a safe and secure browsing experience. Now IE10 Platform Preview 2 includes full support for HTML5 Sandbox technology...
  • Blog Post: SmartScreen® Application Reputation – Building Reputation

    With the Internet Explorer 9 (IE9) beta in September we introduced IE9's new application reputation feature and more recently we provided a summary of how this fits into the overall layered approach to security . With the final release of IE9 now available, we want to share some additional...
  • Blog Post: MIME-Handling Changes in Internet Explorer

    Each type of file delivered from a web server has an associated MIME type (also called a “content-type”) that describes the nature of the content (e.g. image, text, application, etc). Back in Internet Explorer 8, we made a few changes to IE’s MIME-sniffing feature that attempts to determine the actual...
  • Blog Post: IE8 Security Part VII: ClickJacking Defenses

    As we planned Internet Explorer 8, our security teams analyzed the common attacks in the wild and the trends that suggest where attackers will be focusing their attention next. Over the course of IE8’s development, we’ve also worked closely with those in the security research community to stay on top...
  • Blog Post: Ending Expressions

    Design criteria such as standard compliance, performance, reliability and security framed the design of IE8 as whole, for new as well as existing features. As a result, CSS expressions are no longer supported in IE8 standards mode. This change was announced previously on the IE blog , however, this post...
  • Blog Post: Updates for AJAX in IE8 Beta 2

    Sunava Dutta here, a program manager focused on improving AJAX in the browser! Now that Internet Explorer 8 Beta 2 is out, I want to write about some of the latest rounds of enhancements we’ve made. As many of you may recall, back in March we discussed a set of developer experiences in AJAX across scenarios...
  • Blog Post: IE8 Security Part VI: Beta 2 Update

    Now that Beta 2 has released, I want to provide a short update on some of the smaller security changes the team has recently made. I’ve also linked to a great article on the IE8 XSS Filter implementation written by the architect of that feature. Restricting document.domain The document.domain property...
  • Blog Post: Securing Cross Site XMLHttpRequest

    As I mentioned in my post on Cross Document Messaging , client side cross domain request is an important area of interest for AJAX developers looking for ways to avoid expensive server side proxying calls. While Cross Document Messaging is useful for allowing third party components or gadgets embedded...
  • Blog Post: ECMAScript Security

    Related to the IE Blog post around mashups in Internet Explorer 8, the Jscript team has a great post on ECMAScript, Security and Mashups over on their blog. Check it out! Kristen Kibble IE Program Manger
  • Blog Post: Enabling Mashups in Internet Explorer 8 with Cross Document Messaging

    Hello, I’m Sunava Dutta and I’m the Program Manager focused on improving our AJAX scenarios in IE8. In this short post I’ll introduce you to a feature we’re implementing in the browser that enables safer mashups. The Same Origin Policy (SOP) requires that browsers prevent script from accessing the contents...
  • Blog Post: IE8 Security Part II: ActiveX Improvements

    Hi, I’m Matt Crowley, Program Manager for Extensibility with Internet Explorer. The team was very excited to be at the RSA security conference last month discussing the security features of Internet Explorer 8 Beta 1. In this, the second part of the IE8 Security blog series, I describe the ActiveX improvements...
  • Blog Post: IE8 Security Part I: DEP/NX Memory Protection

    Hi, I’m Eric Lawrence from the Internet Explorer Security Team. With the RSA security conference kicking off this week, I wanted to start sharing more information about the security features and benefits of Internet Explorer 8 Beta 1. Over the next several weeks, we’ll blog in greater detail about some...
  • Blog Post: Using Frames More Securely

    HTML frames (FRAMESETs and IFRAMEs) are a feature of all modern web browsers that enable content from multiple pages to be displayed within a single view. Historically, frames were primarily used to enable partial page updates, where page navigation was contained in one frame, and page content was contained...
  • Blog Post: Developing Safer ActiveX Controls Using the Sitelock Template

    Last Friday, Microsoft released a new version of the SiteLock Template for ActiveX Controls . The SiteLock template helps ensure that controls you’ve developed for use on your websites cannot be repurposed and used by other (potentially malicious) websites. Why use the SiteLock template? Under the...
  • Blog Post: Enriching the Web Safely: How to Create Application Protocol Handlers

    Over the past few days, we’ve gotten several questions from customers about how you can invoke third-party applications on Windows by specially-crafted URLs that invoke Application URL protocol handlers (Firefox’s “firefoxurl:” has been the most discussed example). I wanted to provide some additional...
  • Blog Post: A Note about the DHTML Editing Control in IE7+

    Hi, I’m B. Ashok, the Product Unit Manager for Web Development Tools – we have our own team blog ( http://blogs.msdn.com/webdevtools ), but I wanted to post over here to discuss a change my team has made which has an effect on users of IE7+ in Windows Vista. Specifically, we are removing the DHTML Editing...
  • Blog Post: Safety First at Mix06

    I’m really excited for my talk tomorrow here at Mix06 . This conference feels more like a party than work. We’re free from the blue-shirt uniform of normal conferences and I’ve tried to make my talk all content - no slides (ok, there are a few slides for folks who don’t see the live show). I’m trying...
  • Blog Post: Security tweaks in IE7

    As we’ve described previously, we’ve made some major architectural improvements to improve browsing security in Internet Explorer 7, including Protected Mode , Phishing Filter , Enhanced Validation SSL , and other features in support of our overall security strategy . Our commitment...
  • Blog Post: Application Compatibility Logging In IE7

    As Rob pointed out in his last blog post on security and compatibility in IE7 , one of the biggest challenges in software development is making the software secure and compatible at the same time. In IE7, we have many new security features that help protect users against various attacks by blocking certain...
  • Blog Post: Security and Compatibility with IE7

    One of the biggest challenges in making software more secure is maintaining compatibility with the existing functionality that customers depend on. We’re here at the RSA security conference in Silicon Valley to work with other software and security professionals to meet our customers’ expectations for...
  • Blog Post: Protected Mode in Vista IE7

    Hi, I’m Mike Friedman. I work on the IE team in the area of security. You may remember me from my previous IE blog post . We here on the IE team have a continuing focus on making web browsing safe from a variety of outside threats. Microsoft Windows Vista introduced an enhanced security model that we...
Page 1 of 2 (29 items) 12