The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 I haven’t tried the Netscape beta yet, but I have read that it allows users to switch between the Gecko rendering engine (the one used in Firefox) and Internet Explorer’s rendering engine. I think this a good opportunity to write about the Windows Web Browsing Platform (the IE Platform) and its counterpart, the IE Browser. The Browser is easy to explain. It’s the blue...

The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 We received some good questions about how the JScript engine works in IE. What version of JScript is supported? The version of JScript included with IE6 is EcmaScript edition 3 compliant. I’ve seen some confusion recently with some even claiming that we do not support EcmaScript. In fact JScript, JavaScript and EcmaScript are all basically the same language with a different...

We’ve seen lots of questions about the IE7 announcement. Many of these we are not ready to answer and discuss at this time but there are two things that I can offer clarification on. Platforms. We currently plan to make IE7 available for Windows XP SP2 and later. This will therefore include availability not only for the 32bit version of Windows XP SP2 but also for Windows XP Professional x64 Edition and Windows Server 2003 SP1 both of which are due to be released soon. As Dean commented in his original...

Before I answer this, I want to acknowledge that we have a problem if people are asking this question. Listing what we’ve done or our priorities will help but won’t address the problem. Responding to specific questions with a great product and great documentation (for developers, for IT professionals, for deployment specialists, and for other customers as well), and doing that consistently for as long as we’ve been quiet about IE will help more. So, what happened after Microsoft released IE6? Mostly...

Wow, there are a lot of comments. I wanted to recap the main themes I read in the comments and use them as a roadmap for the topics that we will post about over the next few weeks. What have you guys been doing since IE6? What makes IE7 on Win2K so hard anyway? Standards, standards, standards… say something! What’s in IE7, or at least when can we find out? Don’t you understand that your product is fundamentally not secure because of (blank) and you should rip (blank) out? (I want to call out a comment...

My job is focused on receiving feedback from customers and there’s plenty of it. Feedback comes from a great many sources including corporate customers, product support teams, critical problem resolution teams, newsgroups, blogs, ISVs, web developers, colleagues, friends and family. One of the challenges of working on what is arguably the most used piece of software in the world is that there is such a broad array of customers with many different requirements. There are three broad categories of...

The information published in this post is now out-of-date. —IEBlog Editor, 21 August 2012 Today at RSA, Bill Gates talked about Internet Explorer 7. As the guy responsible for IE, I wanted to say a couple of things about it. First, some basics: we’re committing to deliver a new version of Internet Explorer for Windows XP customers. Betas of IE7 will be available this summer. This new release will build on the work we did in Windows XP SP2 and (among other things) go further to defend users...

The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 A comment from Dave P on this blog touched on the interesting aspect of table rendering. Dave said “ IE renders pages differently from, say firefox. One of the noticeable differences is that IE waits for the entire page before displaying it. “ Actually this is not true and you can se from going to many pages that Internet Explorer does support progressive rendering of...

Yesterday’s security updates for February 2005 include two critical updates relating to Internet Explorer: MS05-013 – has a fix for an issue with the DHTML edit control (CAN-2004-1319) MS05-014 - Cumulative Security Update for Internet Explorer These are both rated “critical” and affect all supported IE configurations from IE5.01 to IE6 for XPSP2. In addition, there is a third update to mention - MS05-008 - which contains a fix for a drag-and-drop vulnerability in the Windows shell code. You need...

Part 1 of Security Issues That Aren't gave rise to a lot of interesting comments. Hearing back from you is really helpful in terms of understanding what issues folks are dealing with and where we need to focus our attention. To those of you who suggested I should worry more about security issues that are instead of those that aren’t : I do! That’s exactly why I chose the subject: The fewer non-security reports I need to investigate, the more time I can spend on more severe problems. So bear with...

The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 This being my first post on the IE blog, I should introduce myself quickly. My name is Vishu Gupta; I am a developer on the IE team. There have been several posts in the recent past asking for more information on how does Internet Explorer sniff the content-type of a downloaded file. The whole thing looks totally inconsistent or should I say...non-compliant! Before reaching...

The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 We’ve just published an MSDN article on a tool called Fiddler . As the article explains it is very useful for http debugging and was written by Eric Lawrence one of the Program Managers on the IE team. Thanks -Dave

Greetings. My name is Mike Friedman. I’m on the Internet Explorer Security Test Team. In IE, the different areas of the Web are partitioned into a set of security zones. The topic I would like to talk about is programmatically adding sites to those zones. Zones were introduced in IE4 as a way to give users and admins more control, to strike a balance between user experience and gradations of risk. If you have a high degree of trust in a site, placing it in a lower-security zone can reduce the number...

The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 There is now a new forum for discussions related to IE security: microsoft.public.internetexplorer.security Here’s the initial posting: Welcome Everyone, This newsgroup is dedicated to the discussion of Internet Explorer security issues. Questions/comments about browser security features, security updates, and IE security best practice are all topics for discussion here...

On the Internet Explorer Community site there’s a new article covering personalising your browser by one of our Internet Explorer MVPs. There are some great tips there that the novice user might find very useful. This is part of a series of articles on the community site and I’d particularly call attention to the article Help Protect Yourself from Online Crime that has great advice whatever browser you use. Feedback and ideas for articles are appreciated. Thanks -Dave

My name is John Hrvatin and I’m the Program Manager for Internet Explorer setup. That includes installers for security updates as well as integrating IE into Windows setup for future releases. In the past, IE has used IExpress as its installer. With the release of security update MS04-038 in October 2004, however, IE has begun using the Windows Package Installer, or “update.exe”, for all IE security updates and hot fixes on the following platforms: • Windows 2000 (all service pack levels) • Windows...

With the delivery of RC 1 of Windows Server 2003 & Windows x64 Client last month, we shipped not one but two browsers with the OS: a 32- and 64-bit version of IE6 for Windows Server 2003 SP1/x64. We had to make a choice with the 64-bit client as to which browser, the 32-bit or 64-bit, would be the default. Compatibility, performance, and interoperability all played a part in our decision, but ultimately our decision was swayed by the lack of 64-bit native controls. We found that in our own every...

The information published in this post is now out-of-date. —IEBlog Editor, 20 August 2012 On Thursday Jan 13th at 10:00AM PST we’ll be holding our regular monthly Internet Explorer chat with team members. See http://www.microsoft.com/WindowsXP/expertzone/chats/default.mspx for details. The focus of this chat will be currently supported versions of Internet Explorer and is an opportunity to interact with members of the product team getting assistance and giving feedback. We will not be discussing...

Microsoft released several security updates today – MS05-001, MS05-002 and MS05-003. MS05-001 has a fix for a remote code execution issue affecting the HTML Help Control. MS05-002 contains a fix for the “X-Focus” issues. MS05-003 has a fix for a remote code execution issue with Indexing Services The first two are rated “critical” and the third is “important”. MS05-001 is the most critical to reducing IE-based attack vectors. The HTML...

The information published in this post is now out-of-date. —IEBlog Editor, 20 August 2012 I didn’t expect to be posting before next year, but given the situation in southern Asian and eastern Africa, I thought it important to post something to help those affected by the earthquake and the tsunami. You can find a good list of organizations to which you can make a donation on Microsoft’s Helping Victims of the South Asian Earthquake and Tsunami web page. There are plenty of other sites with information...

The information published in this post is now out-of-date. —IEBlog Editor, 20 August 2012 I want to comment on a couple of things before we all disappear for the holidays. As you may have noticed, we have turned on comment moderation due to the copious amounts of blog spam we have gotten lately. This means there will be some delay for us to review the comments and then post the ones that are not spam. I don’t really like doing the comment filtering (it’s more work for us), but given the spam...

Today we relaunch the Internet Explorer Developer Center on MSDN. You can find this at the relatively easy to remember URL http://msdn.microsoft.com/ie and is a portal for developers using Internet Explorer technologies. On the developer center we highlight technologies and events and link to reference material, articles and other essential information. The Developer Center is useful for both web developers and Windows developers who are building their solution on the Internet Explorer platform....

My name is Patrick Mann and I’m a security tester on the IE team. A big part of my job is to research potential IE security vulnerabilities reported to Microsoft by 3 rd parties: security vendors, site developers, or simply observant users. These folks do the browsing public a great service by working with us to eliminate vulnerabilities before they can be exploited. However, I’ve also noticed that there are some misconceptions about IE security that lead people to worry about perceived security...

Today we released a security update for IE, MS04-040. This fixes a heap-based buffer overflow that allows remote execution (see CAN-2004-1050 for more details on the specifics of the issue). Full details on the security update can be found in the security bulletin . If you are running IE6 SP1 or IE 6 I strongly suggest you go to Windows Update to get this security release. It’s nice to see the results of all the hard work we put into making XPSP2 and Windows Server 2003 more secure, since users running...

The information published in this post is now out-of-date. —IEBlog Editor, 20 August 2012 Although most of the team does not spell favourite like this, I originally hail from England and occasionally enjoy antagonizing my colleagues with the British spelling. Here are a few sites that we believe are valuable to web developers. http://www.dynamicdrive.com/ Dynamic Drive has lots of useful widgets to add to web pages from menus to games. www.webreference.com Web Reference has lots of resources...