Internet Explorer Team Blog

  • IEBlog

    The orange icon...

    We are currently working on the icon for feeds and have some designs to share. It’s orange. It’s rectangular. Check it out on the RSS blog . - Jane
  • IEBlog

    A quick blog from the floor of the Hack in the box conference

    Tony and Rob have just wrapped up their keynote here in Kuala Lumpur, and I wanted to make sure that the resources they talked about are listed here both for the benefit of the conference attendees who wanted to get to them and to everyone else who couldn’t be here today. The talk spoke to how Microsoft’s Security Development Lifecycle (SDL) has influenced the development of IE 7. Specifically, and quite obviously if you’ve been reading this blog, IE 7 isn’t just about patching problems but about...
  • IEBlog

    IE development in China

    The information published in this post is now out-of-date. —IEBlog Editor, 21 August 2012 Tony Chor , Rob Franco , and myself are in Beijing today as we make our way to Kuala Lumpur for the Hack-In-The-Box conference . We have a great team over here in what we call the ATC (Advanced Technology Center). In the past 6 months they’ve gone from just starting to adding serious value to IE 7. The folks over here have already contributed to IE 7 by re-writing the select control which Chris Wilson...
  • IEBlog

    More details on Protected Mode IE in Windows Vista

    Hello, I’m Marc Silbey, a Program Manager focused on IE security. I’m back from my honeymoon and I want to follow-up to Rob’s last post on IE7 Security by providing you with more detail on Protected Mode’s compatibility features and by telling you about a related workaround to a known issue in the first Community Technology Preview (CTP) build of Windows Vista. As Rob mentioned, Protected Mode helps to eliminate the silent install of malicious code through Windows Vista’s User Account Protection...
  • IEBlog

    IE7 Security in Brief

    While Rob Franco and Chris Wilson were presenting and getting feedback at PDC, I spent most of my time in smaller discussions (for example, with Paul and Joe ) about the security work we’ve done in IE. The discussions reminded me that, before most of the team was working on IE7, before Rob posted about our overall approach to IE7 security, we heard three things about IE and security over and over: "take it out of the operating system (or integrate it less), get rid of ActiveX, and rewrite IE to be...
  • IEBlog

    Developer Toolbar for IE announced at PDC

    The developer community has asked for a long time: Where is the free developer toolbar for IE? We recognized the popularity of free IE tools like Fiddler and we listened to your feedback. I am glad to announce the next addition to our developer tool support: The IE dev toolbar. This tool will help developers to explore their HTML documents and understand everything about it. With the IE Dev Toolbar you have several features at your fingertips to go deep into existing pages or pages that you are...
  • IEBlog

    The <?xml> prolog, strict mode, and XHTML in IE

    I realized as I read through the comments to my last blog post that I forgot to mention one important item that was in my presentation. We have fixed the DOCTYPE switch so it will skip an XML prolog, so that valid XHTML can be handled in strict compliance mode rather than quirks mode. I’ve also been reading comments for some time in the IEBlog asking for support for the “application/xml+xhtml” MIME type in IE. I should say that IE7 will not add support for this MIME type – we will, of course,...
  • IEBlog

    IE7 and OpenSearch: Behind the scenes

    As Aaron mentioned, the IE team collaborated with A9/Amazon on OpenSearch 1.1. This blog post is a story about how the collaboration took place. IE7 Beta1 shipped with a set of 5 search providers and there wasn’t a way (short of hacking the registry) to add more search providers. When we started looking into how a site should describe itself, our first thought was the ‘src’ format . After all, it was pretty simple and it could describe how to construct the query to get the search result page back...
  • IEBlog

    Adding Search providers to IE 7 using OpenSearch 1.1

    It’s our goal to make it easy for IE7 users to personalize their list of search providers. The user should be able to target their search directly to site of their choice: MSDN, Intranet portal, Team Sharepoint, PubMed, NYTimes, Costco, USPS, Amazon, WikiPedia, Ebay, Craigslist, etc. My last blog post mentioned we will be adding extensibility for Internet Explorer’s new Search Box in Beta 2. We’re announcing the API at PDC during Chris Wilson’s talk on IE7. Here are the details. The scenario has...
  • IEBlog

    Hello from LA!

    I’m here at the Microsoft Professional Developer Conference 2005 in Los Angeles, and I just finished giving my presentation entitled "What’s New in IE7?" to a pretty full house (for a late afternoon session). I’m still pretty pumped up from my talk, but I wanted to share the features we haven’t previously mentioned (and repeat a few we have) for everyone who didn’t make it to the PDC. Expect to see more detail on these features in the near future here on the IEBlog, and of course these features will...
  • IEBlog

    PDC talk on IE Security features (FUNL03) rescheduled to tomorrow 12:30 in 402AB

    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 If you are here at the PDC you probably know that the Keynote presentation went much longer than expected today. Because of that, all of the lunch talks were cancelled, including my talk, “FUNL03 Case Study: building a more secure browser in IE7”. There was already a group of folks waiting in the audience. When the cancellation was announced, I gave folks the option...
  • IEBlog

    Phishing Filter in IE7

    Hi, my name is Tariq Sharif and I am a Program Manager on the IE Security team. One of the threats users face on the web is phishing. Today, I want to tell you about the Phishing Filter in IE7, a new security feature designed to dynamically warn users if they visit a phishing site. I’ll cover the filter service communication flow, show you what some of the filter notifications look like, how can you report a phishing site and most importantly I will let you know the process of reporting an...
  • IEBlog

    Powering up with Internet Explorer Extensibility

    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 I’ve been keenly interested in extending Internet Explorer since long before I joined the team last fall. MSDN provides some great documentation on how to extend Internet Explorer, but as a longtime IE enhancer, I’d like to highlight some of my favorite resources. IE provides a number of mechanisms that permit software developers to extend the browser in powerful ways...
  • IEBlog

    Improving the CSS 2.1 strict parser for IE 7

    We've already started talking about a few of the CSS changes that are going to be available in IE 7 when we release, but there are a few hanging points that we haven't talked about yet or haven't covered completely. There are 3 specific items I'd like to talk about: Using the root node wild card selector for IE only rules (* HTML) [strict mode only fix] Multi-class selectors as defined by CSS 2.1 (.floral.pastel) [strict mode only fix] Pseudo-element parsing sometimes flags rules as invalid...
  • IEBlog

    User Agent String Documentation

    One of the purposes of releasing the IE7 beta is to collect feedback on compatibility with both websites and extensions and we continue to look at all the reports we receive of sites and applications not working. There are reasons for this such as the base tag change that we blogged about recently and also bugs that we are detecting that you’ll see addressed later in the project cycle. However the most common issue we continue to see for web sites not working are that they are blocking access or...
  • IEBlog

    Continued fruits of the WaSP partnership: The “HasLayout” myth debunked

    Based on some discussion in the Microsoft-WaSP task force , I wanted to explain a little more of the internal workings of IE to help web developers with their daily IE work. In this installment, you will find an article up on MSDN (as part of the ongoing “ Exploring Internet Explorer” series) about the implications of an element having a “layout”. There are several bugs in IE that can be worked around by forcing “a layout” (an IE internal data structure) on an element. The most famous workaround...
  • IEBlog

    Principles behind IE7’s Phishing Filter

    My last post was intended to introduce our overall security strategy and the specific features in IE7 Beta1 for XP SP2 and Windows Vista. A lot of responses to my post were questions about why and how the Microsoft Phishing Filter in IE7 will check websites. We have also have heard from a number of site owners who want to know how they can correct an evaluation of “suspicious” or “confirmed phishing”. Before we continue posting on the rest of the IE7 security features, I want to let you know that...
  • IEBlog

    All your <base> are belong to us

    For IE 7 we decided to make some changes to the way the <BASE> tag is handled to bring it up to spec and at the same time fix some really odd behavior. In the process we expect some people relying on the previous behavior to have to update their content otherwise they may find their site doesn't work exactly as planned. Most of the old functionality is still there, but there are some key differences. To start, in previous versions of IE, you could place the BASE tag anywhere in the document...
  • IEBlog

    Internet Explorer turns 10

    The first Microsoft product I ever shipped, Windows 95, launched 10 years ago today. Around the same time we also launched Internet Explorer 1.0 (though with considerably less fanfare), which quickly gave way to IE 2.0 (which shipped with the Plus! Pack for Windows 95). 6 years later we launched Windows XP, which shipped IE 6.0. That’s more or less 1 new version of IE a year for 6 years. Of course the pace with which we ship versions of IE has dropped off since then with our most notable recent release...
  • IEBlog

    IE Security talk at Hack in the Box

    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 As some of you have noted in the comments, I will be doing a keynote presentation at the Hack in the Box conference in Kuala Lumpur, Malaysia on September 28. The title of my presentation is “Internet Explorer Security Past, Present, and Future”. I’ll be talking about the kinds of threats we’ve seen, how we started to address them in Windows XP SP2, and our plans to go...
  • IEBlog

    Exploring Internet Explorer

    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 Today we launched a new column on MSDN called “ Exploring Internet Explorer ”. Currently there is a single article there from Eric Lawrence on Zones and Proxies where he explores some of the interesting ways that the intranet zone and proxies can interact. We expect to add more articles to this column over the coming weeks. If there is a particular mystery of Internet...
  • IEBlog

    URLs in Internet Explorer 7

    Internet Explorer 7 includes a new URL handling architecture known internally as CURI. The new optimized URI functions provide more secure and consistent parsing of URIs to reduce attack surface and mitigate the threat of malicious URIs. When designing our security strategy for IE7 , malicious URIs were near the top of the list because secure handling of URIs throughout IE is critical to the security of the system. Hence, a major architectural investment was made in CURI for IE7. Unlike most...
  • IEBlog

    New IE 7 Icon and Logo

    Hopefully, by now you’ve seen from our posts that there are a lot of new features and work going into IE 7. As part of this update, we’re refreshing our icon and logotype. We considered more radical departures from our current logo, but blue “e” with the ring is very recognizable and familiar to users, so we elected instead to make more subtle changes. As you can see, the new “e” has more modern look, and the edges are a bit darker so the icon stands out better against different backgrounds...
  • IEBlog

    Search in Beta 1

    The information published in this post is now out-of-date and one or more links are invalid. —IEBlog Editor, 21 August 2012 Hi, I’m Aaron Sauve, Program Manager focused on features relating to the Internet Explorer user interface. One of these features is web search. Now that Beta 1 is out in the wild I would like to say a few quick words about what we have included and give some insight into where we are going in Beta 2. Beta 1 includes a few simple enhancements to web search. Search is...
  • IEBlog

    IE August 2005 Security Update is now available!

    The IE August 2005 security updates are now available! This group of security updates is now available via Windows Update . Alternatively, you can receive this and all other Microsoft updates available via the new Microsoft Update . We encourage you to give MU a try. Information about the IE Security update can be found at: MS05-038 – Cumulative Security Update for Internet Explorer (KB# 896727) This security update package contains fixes for the following vulnerabilities: JPEG Image...
Page 38 of 43 (1,054 items) «3637383940»