IEInternals

A look at Internet Explorer from the inside out. @EricLaw left Microsoft in 2012, but was named an IE MVP in '13 & an IE userAgent (http://useragents.ie) in '14

Browse by Tags

Tagged Content List
  • Blog Post: Understanding Enhanced Protected Mode

    Last week, Andy Zeigler announced the introduction of Enhanced Protected Mode (EPM) over on the IEBlog. In today’s post, I’d like to provide further technical details about EPM to help security researchers, IT professionals, enthusiasts, and developers better understand how this feature works...
  • Blog Post: Authenticode and Weak Certificate Chains

    Recently, someone attempted to download a deprecated version of the Windows Script debugger . This tool was used to debug scripts prior to the introduction of more powerful, modern tools like those that are built into IE8 and later. The user emailed me when they encountered a very surprising outcome...
  • Blog Post: Sharpen the Saw

    Gather round, young’ins, Grandpa Eric is going to tell you a story. Back in the old days, when I started writing software, programmers’ utilities were sold in boxes in retail stores. You’d plunk down your 149 bucks or whatever (in cash , kids, this was before credit cards got popular...
  • Blog Post: Detecting Captive Network Portals

    Over on SuperUser , there’s a great explanation of how Windows determines whether a newly-connected network has a proper Internet connection, or whether the user should open a browser to login or click through a Terms of Use agreement. The general idea is that Windows will attempt to download a...
  • Blog Post: Misbehaving HTTPS Servers impair TLS 1.1 and TLS 1.2

    Back in the summer of 2009, I blogged about Windows 7’s new support for TLS 1.1 and TLS 1.2 . These new protocols are disabled by default, but can be enabled using Group Policy or the Advanced Tab of the Internet Control Panel: Some adventurous Internet Explorer users have found that...
  • Blog Post: IE9 No-Reboot Setup and the Windows Restart Manager

    On Windows 7, Internet Explorer 9 can often be installed without rebooting the system. In cases where a system restart is required, either the system lacks one of the required prerequisites (so IE Setup is forced to install it and reboot) or a running program or service is holding one of Internet Explorer’s...
  • Blog Post: In-Place Shell Navigation with the WebBrowser Control on Windows 7

    Because the WebBrowser Control (WebOC) can be used to display a wide range of content (HTML, Office Documents, PDFs, the local file-system, etc) it is often integrated into applications as a somewhat generic object hosting surface. For Windows 7, a small change was made that will impact applications...
  • Blog Post: Understanding Certificate Name Mismatches

    Recently, I received a query from the Windows Mobile team-- they had observed that visiting https://gmail.com triggers a certificate name mismatch error on IEMobile, but doesn’t seem to trigger any error on Windows 7 when using the desktop versions of Internet Explorer or Firefox. Now, long-time readers...
  • Blog Post: Troubleshooting Authentication with Fiddler

    Over the last few weeks, I’ve been exchanging mail with a webmaster (Vladimir) in Russia who reported that his customers were having problems using IE8 on Windows 7 to log into his website. His site uses HTTP Basic Authentication, so users are prompted to enter their credentials using the following...
  • Blog Post: Getting the Server's Certificate Chain from WinINET

    Over the last few years, a number of folks have lamented that there's no good way to get the server's complete certificate chain from a WinINET HTTP response. That has changed with the release of the new WinINET shipping in Windows 7 / IE8. INTERNET_OPTION_SERVER_CERT_CHAIN_CONTEXT is a new flag you...
  • Blog Post: User Account Control in Windows 7

    It isn't directly related to Internet Explorer, but Mark Russinovich's Inside Windows7 User Account Control article over on TechNet provides an illuminating explanation of why UAC isn't a security boundary, but why it helps protect against malware anyway. For IE8 on Win7, the change is that if the...
Page 1 of 1 (11 items)