Welcome to MSDN Blogs Sign in | Join | Help

September 2006 - Posts

Friday, September 29, 2006 12:00 PM

Security Update for Windows Vulnerability in Vector Markup Language - Now Available

Hi folks, my name is Geoff and I am a Program Manager with the IE team focusing on security updates. On Tuesday, Windows released a security update for a vulnerability in the Windows component VML (vector markup language) that can result in remote code
Posted by ieblog | 49 Comments
Thursday, September 28, 2006 6:00 AM

Anti-Phishing Accuracy Study

As we’ve worked on the new Phishing Filter in IE7, we knew the key measure would be how effective it is in protecting customers. In addition to our internal tests, we wanted to find some external measure of our progress to date as well as pointing to
Posted by ieblog | 58 Comments
Friday, September 22, 2006 10:02 AM

More Add-Ons: NewsGator Desktop Sync (Beta)

Add-ons for the IE platform are more than just toolbars, custom browsers and find-on-page add-ons . The edges of what you can do with the platform are virtually unlimited. Earlier this year at Mix06 , Greg Reinacker and Walter VonKoch demo’d a tool for
Posted by ieblog | 28 Comments
Friday, September 22, 2006 9:28 AM

September Chat Transcript Now Available

Hey all, Here’s the link to the transcript for the September Expert chat: http://www.microsoft.com/windowsxp/expertzone/chats/transcripts/06_0914_ez_ie.mspx . We will be holding another chat in November for those of you who couldn’t make this one. Information
Posted by ieblog | 25 Comments
Wednesday, September 20, 2006 10:29 AM

The IE7 User-Agent String

In April 2005, we blogged about the new Internet Explorer 7 User Agent string sent to websites by the browser to identify itself. Since our original blog posting, we have also posted two new articles on the topic to MSDN: Understanding User-Agent Strings
Posted by ieblog | 64 Comments
Tuesday, September 19, 2006 10:30 AM

IE7 Dialog Sizes - A Quick Update

This is just a follow up to my recent post about dialog sizing in IE7 . Based on your feedback regarding the minimum dialog height restrictions, my team re-evaluated our position and changed the minimum height from 150 to 100 pixels. We think this change:
Posted by ieblog | 17 Comments
Friday, September 15, 2006 4:45 PM

Direct Animation Overflow and IE7

A researcher posted a vulnerability against IE6 yesterday that uses random input to create a heap overflow in a Direct Animation object. Our team is testing a security update right now to fix this overflow, but in the meantime you can keep your systems
Posted by ieblog | 33 Comments
Filed under:
Friday, September 15, 2006 11:02 AM

IE7 Phishing Filter Update

Greetings! I’m Raghava Kashyapa, Program Manager for the Microsoft Phishing Filter technology in IE7. As you might already know - it is important to use the latest versions of IE7 to get the benefits of all the changes we have made over the past year
Posted by ieblog | 36 Comments
Wednesday, September 13, 2006 11:31 AM

CreateURLMoniker Considered Harmful

While working on IE7 application compatibility, we’ve seen many cases of interesting and strange invalid file URIs. I believe a substantial amount of responsibility for the confusion over file URIs lies with the deprecated urlmon.dll function CreateURLMoniker.
Posted by ieblog | 15 Comments
Tuesday, September 12, 2006 10:01 AM

Update Available for IE 5.01, IE 6.0 SP1, and IE 6.0 on Server 2003

This morning we re-released three versions of our August 2006 cumulative security update (MS06-042). As I had written about before , the original release of MS06-042 introduced a new security vulnerability for IE 6.0 SP1 users which we addressed in a
Posted by ieblog | 29 Comments
Monday, September 11, 2006 12:31 PM

RSS Secure by Design

One of the reasons we went to Blackhat last month was to show how the Security Development Lifecycle (SDL) has changed the way that Microsoft builds products. I talked about how we’re reducing attack surface with features like ActiveX opt-in, improving
Posted by ieblog | 16 Comments
Monday, September 11, 2006 12:00 PM

September IE Expert Zone Chat

Just wanted to remind everyone that the IE team will be having our Expert Zone chat on Thursday September 14 th at 10.00AM PDT (5.00PM GMT). We’ll also post the transcript shortly after the chat for those of you who can’t make it. Cheers, Uche Enuha Program
Posted by ieblog | 13 Comments
Filed under:
Thursday, September 07, 2006 3:00 PM

Extending IE Quick and Dirty

As a scripting junkie at heart, I set out to write an extension in script for IE7: inline search – searching the document for text while I type. Before you get too excited, this does not replace the Find functionality in IE7. It’s just me getting excited
Posted by ieblog | 54 Comments
Attachment(s): findonpage.zip
Friday, September 01, 2006 12:21 PM

IE Developer Center Refresh

We've just completed a redesign and refresh of the IE Developer Center on MSDN. The goal is to make it easier to find IE related developer content and even includes an updated photo of me with the neon blue 'e' behind me that you can find in the lobby
Posted by ieblog | 98 Comments
 
Page view tracker