This well known domain BLOGATOR.COM is available for you!
The Windows Internet Explorer Platform Preview build marks an important milestone in the development of the next version of Internet Explorer. A significant part of the platform preview is focused on new or proposed World Wide Web Consortium (W3C) web standards. The goal of industry standards is actually “interoperability.” For HD television standards, that means that multiple TVs can render the same rich content in a consistent way. In the web case, that means the same HTML, script, and formatting markup work the same across different browsers. Eliminating the need for different code paths for different browsers benefits everyone, and creates more opportunity for developers to innovate on great web content. Developers have said they want to use the same markup across all modern browsers. Each proposed standard needs a comprehensive test suite to make this happen. The test suite helps resolve ambiguities in the specification by testing any implementation (aka browser) built on that specification. The test suites also need to thoroughly exercise everything in the specification and not just test a handful of things sampled from various parts of the spec. During the IE8 project we submitted 7201 test cases to the W3C’s CSS 2.1 Working Group in an effort to help the industry develop a comprehensive test of the CSS 2.1 specification. It was exciting to see other companies join in and provide additional cases as well. A
Last month we published interoperability information for Internet Explorer 7 and Internet Explorer 8 focused on CSS and HTML4.01. Today we publish another set of documentation covering: Document Object Model (DOM) Level 1 (spec link) Document Object Model (DOM) Level 2 Core (spec link) Document Object Model (DOM) Level 2 Events (spec link) Document Object Model (DOM) Level 2 HTML (spec link) Document Object Model (DOM) Level 2 Style (spec link) Document Object Model (DOM) Level 2 Views (spec link) Document Object Model (DOM) Level 3 Core (spec link) Platform for Privacy Preferences (P3P) (spec link) PICS Label Distribution Label Syntax and Communication Protocols (spec link) PICS Rules (spec link) PICS Rating Services and Systems (spec link) Portable Network Graphics (PNG) (spec link) Ruby Annotation (spec link) Extensible Markup Language (XML) 1.0 (Fourth Edition) (spec link) XML Namespaces (spec link) XML Path Language (XPath) (spec link) XSL Transformations (XSLT) (spec link) ISO 10918-1 Image Compression and Encoding (JPEG) (spec link) As before, these are drafts, and in the future we’ll talk about how we engineered these documents and will keep them up-to-date. Thanks!John HrvatinLead Program Manager, Internet Explorer
Getting specific feedback directly from developers about their experiences with the platform is super important to us. It’s a critical part of how we optimize for real world performance and real world code patterns. This post is about the changes we’re making to our feedback programs in support of broadening and strengthening that feedback loop. Feedback about Feedback Your feedback about how we managed developer feedback over the last several releases guided the changes we’re making with IE9. One of our commitments is to look at every single piece of feedback that we receive. The sheer volume of feedback from IE7 drove much of the design of the IE8 Beta Feedback process. For IE8, we limited the number of people who could file bugs and put no limits on who could vote on bugs. Many of the comments on that process were clear. At the same time, history has shown that users will often submit un-actionable feedback (registration required), large volumes of which significantly reduce our ability to react to high quality feedback (registration required). Some developers asked that we change the tool we use to accept bugs, noting things like the fact that the status and resolution information communicated isn’t always helpful. Below you can see some of the changes we made as a result of this feedback. The specifics of our programs and tools are at the bottom of this blog. Here are the areas where we’re improving: We want to hear to hear from the entire developer community,
Today we’re excited to release the first ever Internet Explorer Platform Preview. The Platform Preview provides developers an early look at some of the features coming to Internet Explorer, enabling them to try out the new capabilities of the platform. Why When we released IE8, we said that our next steps started with listening to your feedback. A major part of what we heard, including comments to that same post, was that developers wanted more builds, more often. At the same time, given the high expectations of our users and the breadth of impact of changes we make to our platform, we need to carefully balance the quality of what we release with the frequency of releases. With the Platform Preview we want to strike a balance that provides developers an early and reliable hands-on experience with key parts of IE. With this Platform Preview, developers and people interested in standards and web development can try out new platform functionality and provide early feedback. What It Is The Internet Explorer Platform Preview is a light-weight frame around the core IE platform which includes the rendering and layout, object model, parsing, and script engines. It’s a way to try out the platform, and the experience improvements we’re making to performance, standards support and interoperability, enabling “the same markup” to work. We designed the Platform Preview to be installed, side by side with IE8. The Platform Preview is not a replacement for your daily browser; for example, the
When we started looking deeply at HTML5, we saw that it will enable a new class of applications. These applications will stress the browser runtime and underlying hardware in ways today’s websites don’t. We quickly realized that doing HTML5 right – our intent from the start – is more about designing our browser’s subsystems around what these new applications will need than it is about a particular set of features. From the beginning, we approached IE9 with the goal of enabling professional-grade, modern HTML5 support on top of modern hardware through Windows. At the MIX conference today, we demonstrated how the standard web patterns that developers already know and use broadly run better by taking advantage of PC hardware through IE9 on Windows. This blog post provides an overview of what we showed today, across performance, standards, hardware-accelerated HTML5 graphics, and the availability of the IE9 Platform Preview for developers. First, we showed IE9’s new script engine, internally known as “Chakra,” and the progress we’ve made on an industry benchmark for JavaScript performance. With the differences between script engines on benchmarks approaching the duration of an eye-blink, we described our approach for making real-world sites faster. Chakra compiles JavaScript in the background on a separate core of the CPU, parallel to IE. We showed our progress in making the same standards-based HTML, script, and formatting markup work across different browsers. We shared the
Hi, In this post, I will introduce you to some of the most compelling Facebook add-ons for Internet Explorer 8. Share with Facebook Accelerator The Share with Facebook Accelerator allows you to share any text, link, or page with your Facebook friends with a single click. You can use this accelerator by selecting either some text or a link, or by right-clicking on any part of the page. Install here: http://www.ieaddons.com/en/details/204/Share_on_Facebook/ The technical beauty of this add-on is that it is extremely simple. In fact, it is contained in a single XML file, which is based on the OpenServiceDescription specification. Facebook Web Slice The Facebook Web Slice allows you to stay up to date with what’s happening in your Facebook network. Regardless what website you are on, you can click at any time on the web slice title and display the recent messages from your friends on your board. Install here: http://www.ieaddons.com/en/details/social/Facebook_Web_Slice/ The Web Slice uses the Facebook Connect APIs to connect to your account and it shows a notification when new content is available. Special thanks go to the MVP Konstantinos Pantos for his contribution to the community. Facebook Search Provider Do you need to search for someone on Facebook? You can start right away from the browser search box! Install here: http://www.ieaddons.com/en/details/searchhelpers/Facebook/ Again, this extension is built on top of an XML file which describes the end-point for the search
We’re always excited to engage with members of the W3C including the developers of other browsers as well as the broader web development community to help shape the direction of emerging Web standards, particularly HTML5. This includes participating in events like TPAC, which we wrote about in November, and on-going engagement with various working groups. Patrick recently talked about joining the SVG working group, and I’d like to share a brief list of other happenings on the way to making HTML5 well-defined, well-tested, and accessible: Providing feedback on HTML5 Tony Ross, Internet Explorer Program Manager, and Jonas Sicking of Mozilla, led a discussion about extensibility in HTML5 at TPAC after our initial submission. While the working group hasn’t resolved the issue yet, we think the event helped inform everyone and generate the different proposals submitted since. Testing HTML5 Kris Krueger, Internet Explorer Test Lead, was appointed facilitator of the W3C HTML5 Testing Task Force. The task force has set up necessary infrastructure like a wiki, Bugzilla, a work item tracker, and CVS repository for test cases. With that in place, they’ve started to review DOM Level 2 HTML test cases to use as the start of HTML5 testing. As with CSS2.1, we think a good test suite is critical to ensuring a specification results in interoperable implementations. Ensuring new specifications enable accessibility We care deeply about an accessi
The RSA 2010 Security Conference is just finishing up here in San Francisco, and I’m struck by how many of the conference sessions and keynotes have warned about the threat that socially engineered malware poses to the security of the Internet. Malware has become the scourge of the Internet, and it’s not just the security experts who are worried—the top story in my morning paper yesterday described how a typical malware attack compromised a financial firm’s network. Our data shows that one out of every 250 downloads is the result of a user being tricked into downloading malware to their PC. We’re proud of the protection SmartScreen® Filter provides to protect IE8 users from such attacks, and I’d like share some of the latest numbers on our level of protection. Since we launched IE8 in March 2009, SmartScreen has blocked over 560 million attempts to download malware, recently averaging over 3 million blocks per day! Hosted in datacenters around the world, SmartScreen’s URL Reputation Service (URS) has evaluated over 250 billion URLs to help keep IE8 users safe from malware. Even more impressively, since IE7’s Phishing Filter was introduced in 2005, the URS has processed over 5.7 trillion reputation requests in order to block malicious web sites. Every day, Microsoft receives around 300 million telemetry reports from IE8 users and processes 4.1 billion URLs looking for malicious websites and files. On the back end, our systems and analysts evaluate over 1 terabyte of
Last week, the W3C HTML Working Group reached a decision to publish several new working drafts and these are now available. The discussion about what to publish and how to structure the HTML5 specification has taken several months. In November, at the TPAC meeting, a request was made for the Microdata section of the specification to be removed. Back in August, I posted about our support for a separate Canvas 2D API specification. Some people in the community raised concerns about exactly what should be in scope for the HTML working group. Tim Berners-Lee shared his thoughts: “I agree with the WG chairs that these items -- data and canvas -- are reasonable areas of work for the group. It is appropriate for the group to publish documents in this area. On the one hand, they elaborate areas touched on in HTML4. On the other, these elaborations are much deeper than the features of HTML4, but also they form separate subsystems, and these subsystems have strong overlaps with other design areas. It is important (a) that the design be modular; (b) that the specifications be kept modular and (c) that the communities of expertise of the respective fields (graphics and data) be involved in the design process.” We strongly support Tim’s call for modular design and modular specifications in web standards. Large monolithic documents are hard to consume and take longer to stabilise with well thought out engineering decisions. In fact, the decision to take these features from HTML5 and
Tab isolation has recently become a more popular topic. This post is a quick survey of what tab isolation is, how it works, and what it provides. What is it? Tab isolation is a way to improve a browser’s reliability by containing the impact of a crash. Depending on how it’s implemented, tab isolation can also help contain some security attacks. There are two different implementations available today, each with different benefits. In a tabbed browser without isolation, a problem in one tab can crash the entire browser. For example, a crash in a webpage in Firefox 3.6 or IE7 will bring down the entire browser. While modern browsers have features to recover tabs after a crash, the point of isolation is to contain the problem and prevent the browser from stopping. You can see a demo of this here (starting around 13:25). A Quick Historical Survey On March 5, 2008, Microsoft released the first IE8 beta with Loosely-Coupled IE (or LCIE for short). This was the first mainstream implementation of tab isolation. On September 2, 2008, Google Chrome’s first beta released with “process isolation.” Mozilla Firefox has recently discussed an “Out of Process Plugins” (OOPP) or Electrolysis project aimed at isolating Firefox plug-ins, such as Flash, from the rest of the browser. How do isolation approaches differ today in approach and benefits? There are a lot of different subsystems in a browser to isolate from each other, and different ways to do it. IE8 isolates the frame process
There are many tools in the market that allow you to customize your pages' cascading style sheets (CSS), but there are actually a very few that do the opposite—scan for all the CSS rules in the document and remove those that are not used. Cleaning out the CSS will not only reduce the bandwidth impact, but will also improve the performance of the browser (minimizing the time spent by the CSS engine to parse the style sheets). In this post, I will describe how to build that tool using a bookmarklet and a new standard function introduced in Internet Explorer 8: document.querySelectorAll(). Let’s start with the basics: a Web page can include many cascading style sheets, each of which is composed of one or more selectors. For instance, #elementId { }, .className { }, and body{ } are each examples of selectors. Using the function querySelectorAll(), you can programmatically inspect the DOM tree and count the number of times each selector is actually used. For instance, the following code snippet counts the number of times the CSS class Foo is used in the document: var selectorCount = document.querySelectorAll(“.Foo”).length; Now that we have this information, we need a way to run this script inside the document. For the purpose of this article, I didn’t want to change our server-side code. I decided to create a bookmarklet, which is a special link that can interact dynamically with the currently loaded page. The syntax of the bookmarklet is fairly straightforward: <a href="java
This post describes how IE8 determines what Document Mode such as Quirks or Standards Modes to use for rendering websites. This topic is important for site developers and consumers. It’s related to the Compatibility View List that we recently updated. This list is down by over 1000 websites, from over 3100 to just over 2000, since IE8 released last March. As we work with site developers and standards bodies, we’re excited to see the sites that need to be on the Compatibility View (CV) List continue to go down. Data-driven Design Before we dig in to the design details, I want to share some of the data we use to design the compatibility experience. When looking at the doctype and X-UA-Compatible meta tag and header on thousands of high traffic websites worldwide such as qq.com, netlog.com and those on the initial CV List, 26% specify Quirks such as amazon.com, tworld.co.kr, and unibanco.com.br. 41% specify a Transitional doctype that puts them in Almost Standards Mode. 14% have already added an X-UA-Compatible meta tag or HTTP response header to render in IE7 Standards Mode. Here’s why this makes sense; many high traffic websites want to render in as many browsers as possible, which is why they write for Quirks. Many websites have pages written specifically for IE7 and many web authoring tools such as Aptana Studio and Expression Web specify the Transitional doctype by default: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org
This post discusses some of the work we’re doing on the IE team to fulfill our commitment to document our support of web standards. A good starting point is Microsoft’s interoperability principles, something we’ve written about here on this blog before, and a principle that’s easy to see in action in our products, like IE8. The essence of interoperability in this context is that the same web page markup works the same way across different browsers. There are many challenges in getting to this goal. Even with the best intentions, as an industry we are still learning and working through how to do this well. You can look at how different tests run even today in modern browsers (for example here at 19:57). You can look at how standards evolve, like how quickly CSS2 became CSS 2.1, or the process to finish CSS 2.1 and make it a final Recommendation, or what happened between XHTML and HTML5. You can look at the challenge of delivering interoperable products while specifications are under construction (as in the case of 802.11 wireless). There are many challenges, and the web standards process, primarily at the W3C and similar organizations, is an important means to get the different communities involved to a consensus agreement. The work in developing a public CSS 2.1 test suite and contributing it to the W3C, our recent work on different aspects of HTML5, and the improvements in IE9’s interoperability we showed at PDC are all examples of our principles in action. You can try out s
In addition to our engagement in the SVG Working Group, Doug Schepers, W3C Team Contact for the SVG Working Group, and I are going to be presenting SVG: The Past, Present and Future of Vector Graphics for the Web, at MIX 2010 in Las Vegas this coming March to share help developers understand where SVG is headed. At Microsoft we have been investigating how SVG can deliver graphics for the next generation of the Web Development. Its inclusion in HTML5 promises many opportunities for developers to enhance their sites. We will provide an overview of SVG and how the standard is evolving to support a broader range of applications on the Web. Patrick Dengler Senior Program Manager
This post describes a set of best practices for setting the default search provider. Our goal continues to be keeping users in control of their browser, following our published Guidelines and Requirements for add-on development. If you write software that modifies Internet Explorer’s search settings or defaults through direct registry manipulation, your software may be contributing to user confusion and frustration. Whenever a program tries to modify the default search provider through direct registry manipulation (e.g. modifying the DefaultScope registry key directly as described in an earlier blog post ), IE8 intercepts the change and prompts users to confirm what they want: Figure 1: In this dialog, the software requests a search default change using the recommended SetDefault API and clear attribution is displayed. In this case, it is the Contoso Internet Toolbar software. If multiple search providers try to reset the registry key every time it changes, it causes a confusing and frustrating user experience. The above dialog box will re-appear every time the key is modified directly. IE8 includes a Search Provider Default configuration experience designed for this scenario. When your software uses the IOpenServiceManager API (to install a search provider) and the SetDefault API (to request users set it as their default), users will see clearer communication about what is happening. This transparency is an important part of the user being in control. The following code s
As a web browser, Internet Explorer is a platform for many kinds of add-ons (here are some great examples). IE users generally don’t distinguish between add-ons and Internet Explorer when it comes to performance, reliability, or privacy. They just use IE and expect it to work. That’s why the best add-ons do a good job of integrating with the IE user model, letting customers “just browse”. Recently, Adobe announced that their latest version of Flash supports InPrivate Browsing. Version 10.1 of Flash will now respond to interfaces we built into IE8 when we first released it. When you browse to a site with Flash, it can store “Flash Cookies”, which are files created by Flash that websites can use to store data. Now, just like your IE history and cookies, these Flash objects will be deleted when you close your InPrivate Browsing window. We’re really happy to see Flash adopt our InPrivate Browsing feature, and happy to see that they’ve also supported private browsing in Firefox and Chrome as well. Great job Flash team! Andy Zeigler Program Manager
In this post, I want to share some examples of the progress going on in the SVG Working Group. Microsoft recently joined the SVG Working Group, and other members (Mozilla, Apple and Opera among others) welcomed us warmly. I'm hopeful about the ways that SVG (both its current direction and future potential) could make the web better. We want the spec to be clear, consistent, and predictable for developers. We’re working out ambiguities such as “Pointer events and clip-paths”, “CSS Selectors <use> and as well as inconsistencies with stroked-dasharray” and “<use> and its interaction with the DOM and rendering” so that web developers can write SVG once and know that it will be interoperable across browsers. I have to admit I was a little hesitant at first to get guidance and clarity on a dozen or so items we found to be ambiguous (see public SVG WG discussion threads), however the positive response has been overwhelming. Of course we are not the only members raising these issues, but we are happy to be a part of the process. The future of SVG is bright. Additionally, Microsoft looks forward to hosting the next SVG Working Group face-to-face meeting in Brussels this May. A special thanks to those on the Working Group for their warm welcome and shared goals of creating a specification that will promote standards based interoperable graphics for the web. Patrick Dengler Senior Program Manager Internet Explorer Team
Today we released a Cumulative Security Update for Internet Explorer. We’ve released this Cumulative Security Update earlier than originally scheduled based on malicious activities reported on the web. The update is available via Windows Update and Microsoft Update. Most users configure their machines to update automatically; you can find more information on that here. This update actually includes 236 separate packages for all the different languages and versions of Windows and IE that customers run and Microsoft supports worldwide. We release these packages simultaneously for all supported products and languages as part of this update. The complete matrix of browsers, operating systems, and languages is available in the security bulletin. At a high level, these packages cover: Seven operating system versions: Windows 2000, Windows XP, Windows Server 2003, 2008, and 2008 R2, Windows Vista and Windows 7. Customers run 32-bit, 64-bit, as well as Itanium versions of some of these operating systems, as well as a variety of different service packs. Four different versions of IE: 5.01, 6, 7, and 8. All supported languages. Older versions of Windows require separate language-specific packages, typically between 18 and 25. Windows Vista and later operating systems have a single language-neutral binary to update IE. We test each security fix thoroughly with different variants of the security issue. We also test the entire package extensively for compatibility and reliabili
A new version of the Crawler Toolbar has recently been released and comes with many improvements to the user experience similar to the changes we described in a previous post about the AVG Security Toolbar. It’s another great example of the Guidelines for add-on developers in action. Here are some high-level examples of the changes they’ve made: The close button is visible so that users can manage it like other toolbars. Additionally, the toolbar is positioned in a supported location which improves stability and performance. It no longer modifies the new tab page to maintain a predictable new tab experience for users. Many thanks to the Crawler Toolbar team for the work they’ve done to provide a more predictable and reliable experience, keeping users in control of the browser. -Paul Cutsinger and Herman Ng Before: Previous version of Crawler Toolbar After: Newest version (5.1.0.177) of the Crawler Toolbar provides a more predictable experience and lets users stay in control of their browser
As a part of Microsoft’s continued commitment to interoperability and standards support, yesterday we submitted our request to join the Scalable Vector Graphics (SVG) Working Group of the World Wide Web Consortium (W3C). We’re excited to take part in ensuring future versions of the SVG spec will meet the needs of developers and end users. As stated on its Web site, “the mission of the SVG Working Group is to continue the evolution of Scalable Vector Graphics as a format and a platform, and enhance the adoption and usability of SVG in combination with other technologies.” We recognize that vector graphics are an important component of the next generation Web platform. As evidenced by our ongoing involvement in W3C working groups, we are committed to participating in the standards process to help ensure a healthy future for the Web. Our involvement with the SVG working group builds on that commitment. To date, I have had several interactions with the SVG working group, and their clear dedication to creating a great technology for end users and developers alike stands out. I personally look forward to future and more direct involvement with this great set of folks. Patrick DenglerSenior Program ManagerInternet Explorer Team
Happy Nw Year!
Introduction There are a lot of really cool services out there, and I think a lot of them would fit in really well with Accelerators. But even though there’s a lot of value to be had in creating Accelerators, I don’t think we’ve ever had a blog post explaining a step-by-step process for how to do it. I’m hoping this post will help with that. I’ve been working on the feature for a while, so I’ve come up with some tips and best practices that have helped me become more efficient in building Accelerators. There are also a few mistakes I’ve seen (and made!) over and over again, so I’ll talk about those in the hope of making the development process a bit easier for everyone else out there. Building an Accelerator Accelerators streamline the common copy-navigate-paste operation by enabling users to send selected content from the current webpage to one of their favorite services. Fortunately, even though the feature is quite powerful, it’s actually quite easy to write code that uses it. Here’s a step-by-step guide for creating a simple Accelerator. First, I’ve put up an Accelerator template, with sample information pre-loaded. All you need to do is swap out the sample information for yours. Note that you don’t need to be the service provider to build an accelerator that interacts with a service. If you can find the following information, then you can build an accelerator for virtually any service you want. Here are the steps: First, choose a <homepageUrl> for your Accelerato
We’ve just returned from Add-on-Con, an annual conference for browser add-on developers held at the Computer History Museum in Mountain View California. The add-on development community is an entrepreneurial bunch of people and it’s exciting to hear about what they’re working on. Herman Ng, Christopher Griffin, and I were there to present and chat with people. Matt Crowley was also in town so he was able to stop by for part of the day. Herman spoke about best practices to improve reliability and performance. This topic really resonated with the audience. It’s clear developers want to deliver a great experience to customers by building cool features, having great reliability and performance, and getting exposure in the IE Add-on gallery. Based on the amount of interest we saw, Herman will be reworking his presentation into a series of blog posts starting early next year. So you don’t have to wait, I’ll give you two of Herman’s quick tips for add-on developers now. Get crash reports for your add-on from Windows Quality Online Services (Winqual). This is a great resource for discovering and debugging crashes in your product. Post your add-on to the IE Add-on gallery. Developers click “join” and then click on your username to upload add-ons. My presentation covered how to build Webslices (msdn), Accelerators (msdn), and Search Providers (msdn). These extensions are a great way to connect your customers with your services without the risk of introducing performance or reliabilit
The IE Cumulative Security Update for December 2009 is now available via Windows Update or Microsoft Update. This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The security update addresses these vulnerabilities by correcting the control and by modifying the way that Internet Explorer handles objects in memory. For detailed information on the contents of this update, please see the following documentation: Microsoft Security Bulletin MS09-072 Microsoft Knowledge Base Article 976325 This security update is rated Critical for all supported releases of Internet Explorer: Internet Explorer 5.01, Internet Explorer 6, Internet Explorer 6 Service Pack 1, Internet Explorer 7 (except when running on supported editions of Windows Server 2003 and Windows Server 2008), and Internet Explorer 8 (except when running on supported editions of Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2). For Internet Explorer 7 and Internet Explorer 8 running on Windows servers as listed, this update is rated Moderate. IE security updates are cumulative and contain all previously released updates for each version of Internet Explorer. I encourage everybody to download this security update and other non-IE security updates via Windows Update or Microsoft Update. Windows users are also strongly encouraged to configure their systems for automatic updates to keep their systems current with th
Last week at PDC, as we were about to start talking to people about IE9, I saw the following notification from my Facebook account: From: Facebook [mailto:notification+mwm5axbx@facebookmail.com] Sent: Tuesday, November 17, 2009 10:05 AM Dina posted something on your Wall and wrote: "funny vid of u, you see it? http://www.facebook.com/l/ca339;hTTP://www.N70.InFO/2d" To see your Wall or to write on Dina's Wall, follow the link below: <..> Thanks, The Facebook Team The message was from someone I know pretty well, and I believed the message. The address itself (http://www.n70.info/2d) wasn’t that suspicious; there are a lot of URL shortening services, and the .info domain has many legitimate sites on it. So I clicked the it: and thought – whew. IE8’s SmartScreen now blocks malware sites over two million times a day. IE8 offers a lot of protection from real-world attacks: phishing protection, a cross-site scripting filter, and Protected Mode (I may run as an administrator, but my browser doesn’t). With attacks on the rise, using (or upgrading to) a browser with this much protection is more important than ever. IE8 also offers great reliability because of process-isolation, and offers users the ability to manage add-ons that affect performance and stability. InPrivate Browsing and InPrivate Filtering are also quite handy. I wrote back to my friend, and she was surprised. You can read Facebook’s guidance about what to do if this happens to you or a friend. Dean Ha
We’re just about a month after the Windows 7 launch, and wanted to show an early look at some of the work underway on Internet Explorer 9. At the PDC today, in addition to demonstrating some of the progress on performance and interoperable standards, we showed how IE and Windows will make the power of PC hardware available to web developers in the browser. Specifically, we demonstrated hardware-accelerated rendering of all graphics and text in web pages, something that other browsers don’t do today. Web site developers will see performance gains and other benefits without having to re-write their sites. Performance Progress. Browser performance involves many different sub-systems within the browser. Different sites – and different activities within the same site – place different loads and demands on the browser. For example, two news sites might look similar to a user but have very different performance characteristics. Because of how the developers authored the sites, one site might spend most of its time in the Javascript engine and DOM, while the other site might spend most of its time in layout and rendering. A site that’s more of an “application” than a page (like web-based email, or the Office Web Apps) can exercise browser subsystems in completely different ways depending on the user’s actions. The chart below shows how much time different sites spends in different subsystems of IE. For example, it shows that one major news site spends most of its time in th
I spend a lot of time dealing with problems users encounter when using Internet Explorer. As a result, when I write about add-ons, I’m usually talking about misbehaving code that is wrecking the browser. However, it’s not all doom-and-gloom out there, and I’m delighted to share my favorite browser add-on with you. I first came across Ralph Hare’s work when perusing the IE add-on sample code at CodeProject. Ralph and I both liked mouse gestures and wished that Internet Explorer offered them. For those of you who have never used mouse gestures, basically, they allow you to trigger commands like back, forward, refresh, etc, without using the keyboard or clicking on toolbar buttons or menus. While not everyone wants to use mouse gestures, some of us find them incredibly compelling. This sweet spot makes gestures the sort of feature ripe for implementation as an add-on. Fortunately for all of us, Ralph is a great developer and he put together a fantastic gestures add-on for IE which has evolved and improved a lot over the last six years. I’ve installed his add-on on every computer I’ve used since discovering it, and I now find it annoying to use browsers that don’t support gestures. It’s an ironic turn of events for me, since I’ve been a keyboard snob for over a decade. :-) What makes this add-on so great? Respect for the User. The gestures add-on respects your existing browser settings, and does not attempt to change your default homepage, search provider, favorites, user-agent s
This week the W3C holds its annual Technical Plenary and Advisory Committee meeting (TPAC 2009). There will be about a dozen people from the IE team participating and this is a valuable opportunity to continue working together with other W3C members on the next generation of web standards. High quality specifications that improve interoperability between browsers are important. Our goal is to help ensure these new standards work well for web developers and will work well in future versions of IE. We will participate in a number of browser related working group meetings including accessibility, CSS and HTML sessions. For many groups, this is the only face to face time participants will get and so this is a perfect time to put faces to email addresses. Held in Santa Clara, California this year, the close proximity to many of the companies involved in the W3C means a large number of attendees is expected. Over the last few months, some of us in the IE team have been working through the HTML5 working draft reviewing the specification text. It is interesting to exchange ideas and help the specification become clearer and I am looking forward to seeing many of the people involved again. There has been a long discussion about the submission we made to the HTML working group about distributed extensibility. Tony Ross, the author of our discussion document, will be participating in a panel on extensibility with Jonas Sicking from Mozilla on Wednesday. Eliot Graff, a lead technica
We are pleased to announce that the Internet Explorer Administration Kit (IEAK) 8 now supports creating custom Internet Explorer 8 packages in a total of 43 languages. IEAK8 can be downloaded from http://ieak.microsoft.com. Custom Internet Explorer 8 packages can be created in the following platform and language combinations: Windows XP SP2 or SP3 x86: Total languages: Arabic, Bengali, Bulgarian, Chinese (Simplified), Chinese (Traditional), Croatian, Czech, Danish, Dutch, English, Estonian, Finnish, French, German, Greek, Hebrew, Hindi, Hong Kong Chinese, Hungarian, Indonesian, Italian, Japanese, Kannada, Korean, Lithuanian, Latvian, Malayalam, Norwegian Bokmal, Polish, Portuguese (Brazil), Portuguese (Portugal), Punjabi, Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Telugu, Thai, Turkish, Ukrainian New languages: Bengali, Bulgarian, Croatian, Estonian, Hindi, Hong Kong Chinese, Indonesian, Kannada, Lithuanian, Latvian, Malayalam, Punjabi, Romanian, Serbian, Slovak, Slovenian, Telugu, Thai, Ukrainian Windows XP SP2 x64 and Windows Server 2003 SP2 x64: Total languages: Chinese (Simplified), Chinese (Traditional), German, English, Spanish, French, Italian, Japanese, Korean, Portuguese (Brazil), Russian Windows Server 2003 SP2 x86: Total languages: Chinese (Simplified), Chinese (Traditional), Czech, German, English, Spanish, French, Hungarian, Italian, Japanese, Korean, Dutch, Polish, Portuguese (Brazil), Portuguese (Portugal), Russian, Swedis
The IE Cumulative Security Update for October 2009 is now available via Windows Update or Microsoft Update. This update addresses three privately reported vulnerabilities and one publicly disclosed vulnerability. The security update addresses these vulnerabilities by modifying the way that Internet Explorer processes data stream headers, validates arguments, and handles objects in memory. For detailed information on the contents of this update, please see the following documentation: Microsoft Security Bulletin MS09-054 Microsoft Knowledge Base Article 974455 This security update is rated Critical for all supported releases of Internet Explorer: Internet Explorer 5.01, Internet Explorer 6, Internet Explorer 6 Service Pack 1, Internet Explorer 7, and Internet Explorer 8. As a reminder, IE security updates are cumulative and contain all previously released updates for each version of Internet Explorer. I encourage everybody to download this security update and other non-IE security updates via Windows Update or Microsoft Update. Windows users are also strongly encouraged to configure their systems for automatic updates to keep their systems current with the latest updates from Microsoft. Terry McCoy Program Manager Internet Explorer Security
The AVG Security Toolbar team has recently released a new version of their toolbar. It has a more predictable user experience and does a better job of allowing users to stay in control of their browser. It’s a great example of the Guidelines for add-on developers in action. It’s encouraging to see the example set by the AVG Security Toolbar team. They’re building valuable add-ons for people and at the same time they’re respecting user choice. Here are some high level examples of the changes they’ve made in the new version of their toolbar: It no longer takes over the search provider. Instead it uses the proper IE8 set default provider API so that users can choose their default. The close button is visible so that users can manage it like other toolbars. Additionally, the toolbar is positioned in a supported location which improves stability and performance. It no longer modifies the new tab page to maintain a predictable new tab experience for users. Kudos goes out to the AVG Security Toolbar team. On behalf of our shared customers, thanks. Following the Guidelines and using supported extensibility points in this way means that people have a consistent and reliable experience that allows them to stay in control of their browser. This is exactly what we’d like to see from all add-on developers. Before: Previous version of AVG Security Toolbar After: Newest version (2.507.24.1) of the AVG Security Toolbar provides a predictable experience and lets users stay in control of
This post is a guest post from Steve Guttman, of the Expression Web team. Expression Web has created an interesting tool, SuperPreview, which we thought the IE blog audience would be interested in. Internet Explorer 8 is an important release because it reconfirms Microsoft’s commitment to interoperability and renewed emphasis on Web Standards. My team—which develops the authoring tool, Expression Web—is also pretty emphatic about Web Standards. We’re in the process of doing significant tooling (and retooling) so we can support existing and emerging specifications, reliably. The Expression Web team recently shipped SuperPreview for Internet Explorer, a FREE tool for performing cross-browser debugging across Internet Explorer, including versions 6, 7, and 8. This tool also helps developers and site owners in migrating their sites from earlier versions of Internet Explorer to the standards-compliant Internet Explorer 8. This is a subset of the full version of SuperPreview (which also supports Firefox) and which ships with Expression Web 3. You can download it here. You can learn more about SuperPreview for Internet Explorer on the Expression Web team blog. Thanks, Steve Guttman Product Unit Manager Expression Web
It’s well understood that the typical computer users today spend much of their time in their web browser, making it the most important software on their computer. Users expect their browsers to be easy to use, fast, stable and secure. Over the past few months, users have downloaded thousands of great browser add-ons from www.ieaddons.com and other web sites. Users want to use browser add-ons to enhance their browsing experience, not hinder it or make it more confusing. We have published a full list of guidelines to help add-on developers create quality add-ons. We created these guidelines to respond to demand from the developer community and to help share the thinking of the IE team, gathered from years of providing support to users and developers. We strongly recommend that developers follow these guidelines when developing add-ons for IE users. We occasionally come across add-ons that violate these guidelines so egregiously that we treat them as malware; on the other hand, we frequently see really helpful and creative add-ons that put the “user in control” and enhance the browsing experience. Here are the core aspects of our guidelines: Do not limit the user’s ability to access Internet Explorer features Users require access to the entire set of Internet Explorer features, including but not limited to: the address bar, search box and new tab page to navigate and search the Internet easily and safely. Users
This post follows up on my original Operation Aborted post to provide some additional information and assistance for web site owners or 3rd party script libraries. Recap Nearly a year-and-a-half ago, I blogged about an error that can occur on some websites that generate content via script. This content can cause Internet Explorer’s HTML parser to get into an unrecoverable state, which makes it doubly-hard to find and diagnose why this error is happening. When this state occurs, the HTML parser cannot continue, and simply throws up its hands and admits: “Operation aborted!” Early in IE8’s development, we put in a mitigation that alleviated the worst side-effects of this problem. Rather than show a modal dialog and then navigate away from the page after you press OK, instead we removed the dialog and transferred the error notification into the status bar (to the script error notification area). As a result, you are not interrupted by a dialog and you can continue to view the current web page. You may not have even noticed that this error occurred; yet the HTML parser does come to a grinding halt (for that tab only) and any additional content will never be processed. Not too long after IE8 was released, we began hearing reports of IE8 customers continuing to see the old operation aborted dialog! While we knew that we hadn’t fixed every possible scenario that could cause the dialog to appear (it’s triggered as a catch-all for many subsystems such as the navigation stack and net