IEBlog

Internet Explorer Team Blog

  • IEBlog

    CORS for XHR in IE10

    • 9 Comments
    The fourth platform of IE10 simplifies building cross-site scenarios that work consistently across browsers by supporting Cross-Origin Resource Sharing (CORS) for XMLHttpRequest (XHR) . CORS for XHR makes sharing data across sites simple and flexible. In the most basic scenario CORS enables creating data sources accessible from any site, and with a few small tweaks you can choose to constrain allowed sites, support data modification, and even allow authentication. Most importantly CORS keeps existing...
  • IEBlog

    Building Better Input Experience for East Asian Users with the IME API in IE11

    • 9 Comments
    During the development of Internet Explorer 11, we proposed and implemented a new set of IME APIs to the Web Applications Working Group for a better input experience for East Asian users. These discussions resulted in changes to the Editor’s Draft of the W3C IME API. This API enables developers to build a tightly integrated experience between the IME that East Asian users rely on to type in their local languages and the UI that developers create to assist input, for example a search suggestion list...
  • IEBlog

    Upcoming IE Conferences and Events

    • 9 Comments
    One of the things I really like about my job is getting out to conferences and events where I can meet you guys. It’s a great opportunity to get feedback from you, and to learn more about our developers and users. It’s also a great opportunity for you to get to know the IE Team. We’re really not a bunch of faceless developers, testers and PM’s. In the past, we haven’t announced what conferences and events we were attending, it was always kind of a surprise, but we are going to try and improve...
  • IEBlog

    Security Update for Windows Vulnerability in Vector Markup Language

    • 9 Comments
    Hi folks, this is Geoff again, IE Program Manager focused on security updates. A Windows Security Update was released today for a vulnerability in the Windows VML (vector markup language) component that can result in remote code execution. Although this is not an IE code vulnerability, we feel it is important to mention that IE can be used as an attack vector for the exploit. We strongly recommend that you visit Microsoft Update or Windows Update to check for this and any other critical security...
  • IEBlog

    Update Released for Some Versions of MSXML

    • 9 Comments
    We want you to know that some IE7 and Windows Vista users will need today’s security update for MSXML even though by default Windows XP and Windows Vista are not affected. Many applications install and use versions 4 and the original version 6 of the control as a part of the XML Core Services. The most common versions of MSXML don’t require any update such as MSXML3 and the version of MSXML6 installed with Windows Vista. Rob Franco Lead Program Manager
  • IEBlog

    Avenues of Support for IE

    • 9 Comments
    I have noticed going through the comments for our entries, that some people have started posting comments that are specific asks for help with IE issues. This blog is not focused on being a support forum, but we will try to help people as we can. If you are looking for more expedient and focused help please see the Microsoft Internet Explorer Support page - http://www.microsoft.com/windows/ie/support/default.mspx . Also please use the Contact link ( http://blogs.msdn.com/ie/contact.aspx ) as mechanism...
  • IEBlog

    Opting in to the Information Bar

    • 8 Comments
    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 20 August 2012 So this is my first post on this blog, my name is Phil Nachreiner, I’m a developer on the IE team. I’ll post more about myself in another time, but I’d like to talk briefly about opting into the security features we added in XPSP2. For example, we’ve made it extremely easy to opt existing applications that use the WebBrowser Control into the XPSP2 Information Bar without...
  • IEBlog

    Tweakomatic Utility for IE Settings

    • 8 Comments
    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 20 August 2012 I got an email thread the other day that started out with the question of how to add a trusted site into "LocalSystem"'s IE setting via command line or script (which is good question, but more on that later). As part of this thread it also talked about a power toy called Tweakomatic. Named to follow along in the great TweakUI power toy tradition, Tweakomatic is a tool...
  • IEBlog

    Security Update for HTML Help Control Helps Blunt IE Attack Vectors

    • 8 Comments
    Microsoft released several security updates today – MS05-001, MS05-002 and MS05-003. MS05-001 has a fix for a remote code execution issue affecting the HTML Help Control. MS05-002 contains a fix for the “X-Focus” issues. MS05-003 has a fix for a remote code execution issue with Indexing Services The first two are rated “critical” and the third is “important”. MS05-001 is the most critical to reducing IE-based attack vectors. The HTML...
  • IEBlog

    Updated Documentation on Controlling Security Restrictions

    • 8 Comments
    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 Our documentation team has just completed updating our documentation covering how administrators and developers can control certain features. This includes the following articles: About Zone Elevation Introduction to Feature Controls About URL Security Zone Templates These documents are useful in understanding the security work undertaken in Windows XP SP2...
  • IEBlog

    IE8 Beta 1 June Security Update Now Available on Windows Update

    • 8 Comments
    Today we released the IE June Cumulative Security Update for Internet Explorer 8 Beta 1 for Developers on Windows Update . For detailed information on the contents of this update, please see the following documentation: IE Blog Post: IE June Security Update Now Available Microsoft Knowledge Base Article 950759 If you are using IE8 Beta 1 for Developers, we encourage you to download this security update through Windows Update or the Microsoft Download Center today. Terry McCoy Program...
  • IEBlog

    September 2013 Internet Explorer Updates

    • 8 Comments
    Microsoft Security Bulletin MS13-069 - Critical This security update resolves ten privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less...
  • IEBlog

    Web Page Performance in a Standards Compliant and Interoperable way

    • 8 Comments
    At Velocity , we showed Internet Explorer 9 as the first browser to support the W3C Navigation Timing proposal to provide performance information to developers at runtime. This interface is aimed at helping developers measure and understand the performance of their website . Web developers can use this performance information to make their web sites faster. For IE9 Platform Preview 6, we updated the Navigation Timing interface to reflect the latest work of the Web Performance Working Group. Special...
  • IEBlog

    IE June Security Update Now Available

    • 8 Comments
    The IE Cumulative Security Update for June 2010 is now available via Windows Update . This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user...
  • IEBlog

    Staying in Control of Your Default Search Provider

    • 7 Comments
    One of our guiding principles in Internet Explorer is to keep users in control of their browser. This applies to settings like the home page , enabled add-ons , and the default search provider. Sometimes, 3rd party software changes the consumer’s default search provider without their consent . Consumers may be surprised to see search results from an unfamiliar Web site and may not know how to change back to their previous default search provider. As we work with developers to ensure that they use...
  • IEBlog

    April 2011 Cumulative Security Update for Internet Explorer Now Available

    • 7 Comments
    The April 2011 Cumulative Security Update for Internet Explorer is now available via Windows Update . This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows clients; and Moderate for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows servers. Internet Explorer 9 is not affected...
  • IEBlog

    ActiveX Filtering for Developers

    • 6 Comments
    When we introduced ActiveX Filtering with the IE9 Release Candidate, we focused on delivering a great user experience that stays out of the way from regular browsing and makes it easy for users to turn off filtering when they want to. At the same time, we want users to have a great experience viewing Web sites while ActiveX Filtering is enabled. This includes minimizing site compatibility issues and clearly indicating when content on a Web page is blocked by ActiveX Filtering. ...
  • IEBlog

    The IE Cumulative Security Update for October 2010 is now available via Windows Update

    • 6 Comments
    The IE Cumulative Security Update for October 2010 is now available via Windows Update . This security update resolves seven privately reported vulnerabilities and three publicly disclosed vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative...
  • IEBlog

    IE9’s Assistive Technology Interface Enhancements

    • 6 Comments
    IE9 introduces improvements to the interfaces used by assistive technologies (ATs) to enhance the accessibility of Internet Explorer. These changes relate to IE9’s switch to hardware-accelerated rendering of HTML content. Previously, some accessibility tools depended on IE’s GDI-based rendering to scrape information from Web sites. Since IE9 has no GDI-based rendering, these features do not work with IE9. Anticipating this problem, Microsoft has worked closely with assistive technology vendors (ATVs...
  • IEBlog

    May 2013 Internet Explorer Updates

    • 6 Comments
    Microsoft Security Bulletin MS13-037 - Critical This security update resolves eleven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less...
  • IEBlog

    modern.IE Celebrates 1 Year Anniversary and 1 Million Hours Saved

    • 6 Comments
    Since the launch of modern.IE in January of 2013, developers taking advantage of the free virtual testing tools on the site have collectively saved over 1 million hours testing time . Join us in congratulating the team on the anniversary and the milestone. Learn more about the anniversary over at the Exploring IE blog and more about the resources on the site from our December post. Happy Anniversary @IEDevChat!
  • IEBlog

    Microsoft Security Bulletin MS14-012 - Critical

    • 6 Comments
    This security update resolves sixteen privately reported and two publicly disclosed vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users...
  • IEBlog

    Phoiling Phishing at WWW2006

    • 6 Comments
    If you’re at the WWW2006 conference here in beautiful Edinburgh Scotland, you’ve probably seen a number of great presentations already such as yesterday’s discussion on Identity Management featuring Kim Cameron from the Infocard team. Today (Friday) I’m sitting on a panel called Phoiling Phishing hosted by Harvard Researcher Rachna Dhamija , where we’ll focus more specifically on the issue of Phishing and techniques browsers can implement to “phoil” the attacks. I hope you’ll come to discuss if you...
  • IEBlog

    More details on Pop-Up Blocking in XPSP2

    • 5 Comments
    There have been some questions about how pop-up blocking works in XPSP2 in the comments. Jeff Davis , one of the IE developers who worked on this feature in XPSP2, has put together a post ( http://blogs.msdn.com/jeffdav/archive/2004/08/25/220737.aspx ) that gives more details on what we consider a user initiated click. If you want to get better sense for how it works, please take a read through his latest entry - mouseDown + mouseUp = click . Thanks. Scott
  • IEBlog

    Pending Comment Problem Fixed

    • 5 Comments
    The information published in this post is now out-of-date. —IEBlog Editor, 20 August 2012 The comments system for blogs.msdn.com was recently upgraded and the default was changed to block automatic posting of comments. I have changed it back, which means all comments should show up without having to be published and I also published any comments that were pending. Scott
Page 40 of 41 (1,017 items) «3738394041