IEBlog

Internet Explorer Team Blog

  • IEBlog

    New IE Security News Group Launches

    • 26 Comments
    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 There is now a new forum for discussions related to IE security: microsoft.public.internetexplorer.security Here’s the initial posting: Welcome Everyone, This newsgroup is dedicated to the discussion of Internet Explorer security issues. Questions/comments about browser security features, security updates, and IE security best practice are all topics for discussion here...
  • IEBlog

    New Community Article

    • 50 Comments
    On the Internet Explorer Community site there’s a new article covering personalising your browser by one of our Internet Explorer MVPs. There are some great tips there that the novice user might find very useful. This is part of a series of articles on the community site and I’d particularly call attention to the article Help Protect Yourself from Online Crime that has great advice whatever browser you use. Feedback and ideas for articles are appreciated. Thanks -Dave
  • IEBlog

    IE Setup - From IExpress to Windows Package Installer

    • 11 Comments
    My name is John Hrvatin and I’m the Program Manager for Internet Explorer setup. That includes installers for security updates as well as integrating IE into Windows setup for future releases. In the past, IE has used IExpress as its installer. With the release of security update MS04-038 in October 2004, however, IE has begun using the Windows Package Installer, or “update.exe”, for all IE security updates and hot fixes on the following platforms: • Windows 2000 (all service pack levels) • Windows...
  • IEBlog

    The 64-bit browser in Windows x64

    • 23 Comments
    With the delivery of RC 1 of Windows Server 2003 & Windows x64 Client last month, we shipped not one but two browsers with the OS: a 32- and 64-bit version of IE6 for Windows Server 2003 SP1/x64. We had to make a choice with the 64-bit client as to which browser, the 32-bit or 64-bit, would be the default. Compatibility, performance, and interoperability all played a part in our decision, but ultimately our decision was swayed by the lack of 64-bit native controls. We found that in our own every...
  • IEBlog

    Internet Explorer Expert Zone Chat

    • 10 Comments
    The information published in this post is now out-of-date. —IEBlog Editor, 20 August 2012 On Thursday Jan 13th at 10:00AM PST we’ll be holding our regular monthly Internet Explorer chat with team members. See http://www.microsoft.com/WindowsXP/expertzone/chats/default.mspx for details. The focus of this chat will be currently supported versions of Internet Explorer and is an opportunity to interact with members of the product team getting assistance and giving feedback. We will not be discussing...
  • IEBlog

    Security Update for HTML Help Control Helps Blunt IE Attack Vectors

    • 8 Comments
    Microsoft released several security updates today – MS05-001, MS05-002 and MS05-003. MS05-001 has a fix for a remote code execution issue affecting the HTML Help Control. MS05-002 contains a fix for the “X-Focus” issues. MS05-003 has a fix for a remote code execution issue with Indexing Services The first two are rated “critical” and the third is “important”. MS05-001 is the most critical to reducing IE-based attack vectors. The HTML...
  • IEBlog

    Earthquake and Tsunami Donation Appeal

    • 2 Comments
    The information published in this post is now out-of-date. —IEBlog Editor, 20 August 2012 I didn’t expect to be posting before next year, but given the situation in southern Asian and eastern Africa, I thought it important to post something to help those affected by the earthquake and the tsunami. You can find a good list of organizations to which you can make a donation on Microsoft’s Helping Victims of the South Asian Earthquake and Tsunami web page. There are plenty of other sites with information...
  • IEBlog

    Happy Holidays!

    • 16 Comments
    The information published in this post is now out-of-date. —IEBlog Editor, 20 August 2012 I want to comment on a couple of things before we all disappear for the holidays. As you may have noticed, we have turned on comment moderation due to the copious amounts of blog spam we have gotten lately. This means there will be some delay for us to review the comments and then post the ones that are not spam. I don’t really like doing the comment filtering (it’s more work for us), but given the spam...
  • IEBlog

    Internet Explorer Developer Center

    • 65 Comments
    Today we relaunch the Internet Explorer Developer Center on MSDN. You can find this at the relatively easy to remember URL http://msdn.microsoft.com/ie and is a portal for developers using Internet Explorer technologies. On the developer center we highlight technologies and events and link to reference material, articles and other essential information. The Developer Center is useful for both web developers and Windows developers who are building their solution on the Internet Explorer platform....
  • IEBlog

    Security Issues That Aren’t – Part 1

    • 82 Comments
    My name is Patrick Mann and I’m a security tester on the IE team. A big part of my job is to research potential IE security vulnerabilities reported to Microsoft by 3 rd parties: security vendors, site developers, or simply observant users. These folks do the browsing public a great service by working with us to eliminate vulnerabilities before they can be exploited. However, I’ve also noticed that there are some misconceptions about IE security that lead people to worry about perceived security...
  • IEBlog

    New IE Security Update for IE6 SP1 and IE6 (but not IE6 in XPSP2 or Windows Server 2003)

    • 21 Comments
    Today we released a security update for IE, MS04-040. This fixes a heap-based buffer overflow that allows remote execution (see CAN-2004-1050 for more details on the specifics of the issue). Full details on the security update can be found in the security bulletin . If you are running IE6 SP1 or IE 6 I strongly suggest you go to Windows Update to get this security release. It’s nice to see the results of all the hard work we put into making XPSP2 and Windows Server 2003 more secure, since users running...
  • IEBlog

    A few of our favourite DHTML sites

    • 75 Comments
    The information published in this post is now out-of-date. —IEBlog Editor, 20 August 2012 Although most of the team does not spell favourite like this, I originally hail from England and occasionally enjoy antagonizing my colleagues with the British spelling. Here are a few sites that we believe are valuable to web developers. http://www.dynamicdrive.com/ Dynamic Drive has lots of useful widgets to add to web pages from menus to games. www.webreference.com Web Reference has lots of resources...
  • IEBlog

    Why I Like Windows

    • 197 Comments
    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 20 August 2012 The great thing about Windows is all the software that runs on it. Every day, there’s new software released for Windows. Today, with Firefox’s release, is no different. As someone who has worked on many big software projects over the last few years, I’m happy for the developers who worked on it. Signing off on your work and letting the rest of the world use it feels good...
  • IEBlog

    Internet Explorer Developer Documentation updates

    • 65 Comments
    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 20 August 2012 We’re working on improving our documentation for web developers on MSDN . Here are a few changes we’ve made over the last month or so. A Simplified Table of Contents This can be seen in the panel on the left under Web Development. The previous table of contents was a bit confused and often made it a struggle to find topics that were relevant. Removal of “new” tags As a...
  • IEBlog

    Red Sox Win the World Series!

    • 26 Comments
    Congratulations to the Boston Red Sox, the 2004 World Series Champions! It is amazing to think that they not only won the World Series for the first time since 1918, but they did it in extraordinary fashion, winning 8 straight games against two of the best teams in baseball. Before I started working with a VIC-20 or a Commodore 64, I was a baseball fanatic. I grew up in New England (Vermont to be exact) living and dying with the fate of the Red Sox. I was fortunate enough to see them play a number...
  • IEBlog

    Tweakomatic Utility for IE Settings

    • 8 Comments
    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 20 August 2012 I got an email thread the other day that started out with the question of how to add a trusted site into "LocalSystem"'s IE setting via command line or script (which is good question, but more on that later). As part of this thread it also talked about a power toy called Tweakomatic. Named to follow along in the great TweakUI power toy tradition, Tweakomatic is a tool...
  • IEBlog

    Scripting Debugging in Internet Explorer

    • 69 Comments
    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 20 August 2012 I thought I’d take a couple minutes to talk about Script Debugging and Internet Explorer. Script debugging is turned off by default you can enable it by going to: Tools->Internet Options…->Advanced->Disable Script Debugging Prior to XPSP2 the above will turn script debugging on for all applications that host the WebBrowser control (Outlook for example). On XPSP2...
  • IEBlog

    “IE Shines on Broken Code” Story on Slashdot

    • 77 Comments
    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 20 August 2012 Slashdot picked up a story from Bugtraq entitled Web browsers - a mini-farce in which Michael Zalewski talks about feeding a variety of browsers a healthy dose of bad content over 2 hours and seeing what happened. The story also includes pointers to the tools he used for hammering the browsers. Here is a bit of his report: 6) Pointless rants It appears that the overall...
  • IEBlog

    Compatibility, or “Just Don’t Break My Site!”

    • 94 Comments
    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 20 August 2012 We’ve had more than a few comments suggesting that IE works too hard at backwards compatibility, and we cater to those people who “don’t code their pages correctly”, or people who otherwise “didn’t do things the right way”. These comments frequently go on to suggest that we (the IE team) should use our market position to “force people to fix their broken stuff”. I’d like...
  • IEBlog

    A fresh IE security update

    • 27 Comments
    The information published in this post is now out-of-date. —IEBlog Editor, 20 August 2012 Earlier this week we released the latest security update for IE, MS04-038 . We’ve been working on this since XPSP2 shipped, and it’s nice to see it made available to customers on Windows Update . This update addresses, among other issues, the drag & drop vulnerability that’s been in the news & security circles lately. This is also the first IE update to use the our latest installation technology...
  • IEBlog

    Setting Google as Your Autosearch Provider (or One Thing I Don't Love About IE)

    • 30 Comments
    Like any piece of software I have worked on, I have intense affection for the resultant software we ship (warts and all). However, there are usually a number of things you wish you had had more time to make better and every time you run across it in the product it drives you crazy. One thing that bothers me with IE in XPSP2 is the amount of hoops you need to click through to set Google or some other search engine as your autosearch provider. A quick way to set Google is to use the reg file up on...
  • IEBlog

    Opting in to the Information Bar

    • 8 Comments
    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 20 August 2012 So this is my first post on this blog, my name is Phil Nachreiner, I’m a developer on the IE team. I’ll post more about myself in another time, but I’d like to talk briefly about opting into the security features we added in XPSP2. For example, we’ve made it extremely easy to opt existing applications that use the WebBrowser Control into the XPSP2 Information Bar without...
  • IEBlog

    MSDN articles on IE for XP SP2

    • 39 Comments
    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 20 August 2012 If you’re a developer hosting the WebBrowser control, you’ll want to read Compatibility in Internet Explorer 6 for Windows XP Service Pack 2 . This article has details about changes such as: Local Machine Zone Lockdown Object Caching MIME Handling MIME Sniffing Network Protocol Lockdown Window Restrictions File Download Restrictions ActiveX Restrictions Pop-up Blocker...
  • IEBlog

    More on IE's UA string and the SV1 token

    • 49 Comments
    In earlier posts, Christopher mentioned that for Windows XP SP2 and Windows Server 2003 SP1 the UA string was getting a new ‘SV1’ decorator. This has stirred up a flurry of questions and comments about our reasoning behind this decision. Why did we add ‘SV1’ instead of update the IE version number? Well, we know from past experience that changing the version number can have a huge impact on site and application compatibility. We felt that since IE for XPSP2 and WS03SP1 does not have significant changes...
  • IEBlog

    IE in Windows Server 2003 SP1 and Windows XP 64-bit edition v2003

    • 36 Comments
    With XPSP2 out the door, we’re turning our attention to bringing our latest security enhancements to upcoming Windows releases. Next up: Windows Server 2003 SP1 and Windows XP 64-bit edition v2003, which are both currently in Beta. Both these platforms will receive the same treatment as XPSP2 did for IE: they’ll get all our security improvements, the pop-up blocker, the information bar, etc. See Tony’s blog entry about IE in XPSP2 for more info & links about the changes we made in XPSP2. Customers...
Page 40 of 41 (1,022 items) «3738394041