Internet Explorer Team Blog

  • IEBlog

    Mark of the Web

    With the Local Machine Zone Lockdown introduced in Windows XP SP2 an HTML file on your hard drive will no longer be able to run script and active content without user permissions being granted through the information bar and an additional prompt. This is part of the work to ensure that if you do get bad content on your machine it cannot run with elevated privileges and do nefarious things. Users should exercise caution whenever the information bar appears and be sure that this is really content they...
  • IEBlog

    Internet Explorer and Accessibility

    Since this is my first post on the IE Blog, I wanted to introduce myself. My name is Kelly Ford and I’m part of the test team responsible for testing the user experience in IE. I also head up our accessibility testing efforts. Today I wanted to talk about three aspects of accessibility as they relate to IE and Windows in general. First is access to the Windows OS for individuals with disabilities, second are a couple of hints for users of screen readers using IE in XPSP2 and finally is a request...
  • IEBlog

    Netscape 8 Beta, the IE Platform, and the IE Browser

    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 I haven’t tried the Netscape beta yet, but I have read that it allows users to switch between the Gecko rendering engine (the one used in Firefox) and Internet Explorer’s rendering engine. I think this a good opportunity to write about the Windows Web Browsing Platform (the IE Platform) and its counterpart, the IE Browser. The Browser is easy to explain. It’s the blue...
  • IEBlog


    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 We received some good questions about how the JScript engine works in IE. What version of JScript is supported? The version of JScript included with IE6 is EcmaScript edition 3 compliant. I’ve seen some confusion recently with some even claiming that we do not support EcmaScript. In fact JScript, JavaScript and EcmaScript are all basically the same language with a different...
  • IEBlog

    IE7 Platforms and Outlook Express

    We’ve seen lots of questions about the IE7 announcement. Many of these we are not ready to answer and discuss at this time but there are two things that I can offer clarification on. Platforms. We currently plan to make IE7 available for Windows XP SP2 and later. This will therefore include availability not only for the 32bit version of Windows XP SP2 but also for Windows XP Professional x64 Edition and Windows Server 2003 SP1 both of which are due to be released soon. As Dean commented in his original...
  • IEBlog

    What have you guys been doing since IE6?

    Before I answer this, I want to acknowledge that we have a problem if people are asking this question. Listing what we’ve done or our priorities will help but won’t address the problem. Responding to specific questions with a great product and great documentation (for developers, for IT professionals, for deployment specialists, and for other customers as well), and doing that consistently for as long as we’ve been quiet about IE will help more. So, what happened after Microsoft released IE6? Mostly...
  • IEBlog

    IE7 Comments Recap

    Wow, there are a lot of comments. I wanted to recap the main themes I read in the comments and use them as a roadmap for the topics that we will post about over the next few weeks. What have you guys been doing since IE6? What makes IE7 on Win2K so hard anyway? Standards, standards, standards… say something! What’s in IE7, or at least when can we find out? Don’t you understand that your product is fundamentally not secure because of (blank) and you should rip (blank) out? (I want to call out a comment...
  • IEBlog

    Listening to Customers

    My job is focused on receiving feedback from customers and there’s plenty of it. Feedback comes from a great many sources including corporate customers, product support teams, critical problem resolution teams, newsgroups, blogs, ISVs, web developers, colleagues, friends and family. One of the challenges of working on what is arguably the most used piece of software in the world is that there is such a broad array of customers with many different requirements. There are three broad categories of...
  • IEBlog


    The information published in this post is now out-of-date. —IEBlog Editor, 21 August 2012 Today at RSA, Bill Gates talked about Internet Explorer 7. As the guy responsible for IE, I wanted to say a couple of things about it. First, some basics: we’re committing to deliver a new version of Internet Explorer for Windows XP customers. Betas of IE7 will be available this summer. This new release will build on the work we did in Windows XP SP2 and (among other things) go further to defend users...
  • IEBlog

    Table Rendering

    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 A comment from Dave P on this blog touched on the interesting aspect of table rendering. Dave said “ IE renders pages differently from, say firefox. One of the noticeable differences is that IE waits for the entire page before displaying it. “ Actually this is not true and you can se from going to many pages that Internet Explorer does support progressive rendering of...
  • IEBlog

    February IE Security Updates Released

    Yesterday’s security updates for February 2005 include two critical updates relating to Internet Explorer: MS05-013 – has a fix for an issue with the DHTML edit control (CAN-2004-1319) MS05-014 - Cumulative Security Update for Internet Explorer These are both rated “critical” and affect all supported IE configurations from IE5.01 to IE6 for XPSP2. In addition, there is a third update to mention - MS05-008 - which contains a fix for a drag-and-drop vulnerability in the Windows shell code. You need...
  • IEBlog

    Security Issues That Aren’t – Part 2

    Part 1 of Security Issues That Aren't gave rise to a lot of interesting comments. Hearing back from you is really helpful in terms of understanding what issues folks are dealing with and where we need to focus our attention. To those of you who suggested I should worry more about security issues that are instead of those that aren’t : I do! That’s exactly why I chose the subject: The fewer non-security reports I need to investigate, the more time I can spend on more severe problems. So bear with...
  • IEBlog

    IE content-type logic

    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 This being my first post on the IE blog, I should introduce myself quickly. My name is Vishu Gupta; I am a developer on the IE team. There have been several posts in the recent past asking for more information on how does Internet Explorer sniff the content-type of a downloaded file. The whole thing looks totally inconsistent or should I say...non-compliant! Before reaching...
  • IEBlog

    Http Debugging with Fiddler

    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 We’ve just published an MSDN article on a tool called Fiddler . As the article explains it is very useful for http debugging and was written by Eric Lawrence one of the Program Managers on the IE team. Thanks -Dave
  • IEBlog

    IE Security Zones

    Greetings. My name is Mike Friedman. I’m on the Internet Explorer Security Test Team. In IE, the different areas of the Web are partitioned into a set of security zones. The topic I would like to talk about is programmatically adding sites to those zones. Zones were introduced in IE4 as a way to give users and admins more control, to strike a balance between user experience and gradations of risk. If you have a high degree of trust in a site, placing it in a lower-security zone can reduce the number...
  • IEBlog

    New IE Security News Group Launches

    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 There is now a new forum for discussions related to IE security: Here’s the initial posting: Welcome Everyone, This newsgroup is dedicated to the discussion of Internet Explorer security issues. Questions/comments about browser security features, security updates, and IE security best practice are all topics for discussion here...
  • IEBlog

    New Community Article

    On the Internet Explorer Community site there’s a new article covering personalising your browser by one of our Internet Explorer MVPs. There are some great tips there that the novice user might find very useful. This is part of a series of articles on the community site and I’d particularly call attention to the article Help Protect Yourself from Online Crime that has great advice whatever browser you use. Feedback and ideas for articles are appreciated. Thanks -Dave
  • IEBlog

    IE Setup - From IExpress to Windows Package Installer

    My name is John Hrvatin and I’m the Program Manager for Internet Explorer setup. That includes installers for security updates as well as integrating IE into Windows setup for future releases. In the past, IE has used IExpress as its installer. With the release of security update MS04-038 in October 2004, however, IE has begun using the Windows Package Installer, or “update.exe”, for all IE security updates and hot fixes on the following platforms: • Windows 2000 (all service pack levels) • Windows...
  • IEBlog

    The 64-bit browser in Windows x64

    With the delivery of RC 1 of Windows Server 2003 & Windows x64 Client last month, we shipped not one but two browsers with the OS: a 32- and 64-bit version of IE6 for Windows Server 2003 SP1/x64. We had to make a choice with the 64-bit client as to which browser, the 32-bit or 64-bit, would be the default. Compatibility, performance, and interoperability all played a part in our decision, but ultimately our decision was swayed by the lack of 64-bit native controls. We found that in our own every...
  • IEBlog

    Internet Explorer Expert Zone Chat

    The information published in this post is now out-of-date. —IEBlog Editor, 20 August 2012 On Thursday Jan 13th at 10:00AM PST we’ll be holding our regular monthly Internet Explorer chat with team members. See for details. The focus of this chat will be currently supported versions of Internet Explorer and is an opportunity to interact with members of the product team getting assistance and giving feedback. We will not be discussing...
  • IEBlog

    Security Update for HTML Help Control Helps Blunt IE Attack Vectors

    Microsoft released several security updates today – MS05-001, MS05-002 and MS05-003. MS05-001 has a fix for a remote code execution issue affecting the HTML Help Control. MS05-002 contains a fix for the “X-Focus” issues. MS05-003 has a fix for a remote code execution issue with Indexing Services The first two are rated “critical” and the third is “important”. MS05-001 is the most critical to reducing IE-based attack vectors. The HTML...
  • IEBlog

    Earthquake and Tsunami Donation Appeal

    The information published in this post is now out-of-date. —IEBlog Editor, 20 August 2012 I didn’t expect to be posting before next year, but given the situation in southern Asian and eastern Africa, I thought it important to post something to help those affected by the earthquake and the tsunami. You can find a good list of organizations to which you can make a donation on Microsoft’s Helping Victims of the South Asian Earthquake and Tsunami web page. There are plenty of other sites with information...
  • IEBlog

    Happy Holidays!

    The information published in this post is now out-of-date. —IEBlog Editor, 20 August 2012 I want to comment on a couple of things before we all disappear for the holidays. As you may have noticed, we have turned on comment moderation due to the copious amounts of blog spam we have gotten lately. This means there will be some delay for us to review the comments and then post the ones that are not spam. I don’t really like doing the comment filtering (it’s more work for us), but given the spam...
  • IEBlog

    Internet Explorer Developer Center

    Today we relaunch the Internet Explorer Developer Center on MSDN. You can find this at the relatively easy to remember URL and is a portal for developers using Internet Explorer technologies. On the developer center we highlight technologies and events and link to reference material, articles and other essential information. The Developer Center is useful for both web developers and Windows developers who are building their solution on the Internet Explorer platform....
  • IEBlog

    Security Issues That Aren’t – Part 1

    My name is Patrick Mann and I’m a security tester on the IE team. A big part of my job is to research potential IE security vulnerabilities reported to Microsoft by 3 rd parties: security vendors, site developers, or simply observant users. These folks do the browsing public a great service by working with us to eliminate vulnerabilities before they can be exploited. However, I’ve also noticed that there are some misconceptions about IE security that lead people to worry about perceived security...
Page 40 of 42 (1,037 items) «3839404142