Print 63 comment(s) - last by Locutus465.. on Mar 29 at 9:04 AM

Microsoft takes a giant step forward in making Windows more secure

BusinessWeek is reporting that Microsoft's next release of Internet Explorer, version 7, will not be integrated into Windows. Breaking nearly ten years of tradition, Internet Explorer was always very tightly integrated into Windows, allowing users to do such things as launch a website directly from any Windows Explorer window, or save a live web page as the desktop wallpaper.

Security analysts have been telling Microsoft for a while now though, that doing so would cause significant security problems for Windows. Indeed this has been the case. Windows itself has been under much scrutiny over recent years by the security industry as well as the hacking and virus communities. Exploits that were found to exist in current versions of Internet Explorer, were used to attack the core operating system because of the tight integration.

Microsoft itself had claimed that Windows XP is its most secure OS, and while it may be true in some respects, the claim sparked an onslaught of attacks from all sorts of malicious software. Despite ongoing security updates by Microsoft, analysts believe that removing Internet Explorer from the core of Windows will improve the overall security of the OS more so than many of its small patches combined. Despite the move to improve OS security by Microsoft, Internet Explorer will still ship with Windows Vista.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

Holy crap
By shaw on 3/24/2006 2:47:56 PM , Rating: 4
Newer versions of Windows might actually have some added security now.

*passes out*

What's next, Microsoft supports OpenGL?

RE: Holy crap
By Assimilator87 on 3/24/2006 3:22:26 PM , Rating: 2
I thought all the 3D features in Vista ran on OpenGL. Anyways, this might be the thing that makes me change over to Firefox. Right now I'm running the IE 7 beta and I like it much better than FF because MS did a good job placing the New Tab button, but if FF addds some new features I'll switch over. I only use IE cuz I don't like having a browser on top of one that the OS already comes with.

RE: Holy crap
By AnotherGuy on 3/24/2006 4:14:58 PM , Rating: 2
dude FF has a New Tab button too ... u just need to configure it to be on ur buttons... try Options and u will find it somewhere there...

RE: Holy crap
By TheLiberalTruth on 3/24/2006 5:49:10 PM , Rating: 3
How about trying CTRL + T. It's even easier than a button.

RE: Holy crap
By cookj128371 on 3/24/2006 8:37:32 PM , Rating: 3
How bout middle-clicking on the Home button? Then not only do you get a new tab, but it's conveniently at your home page which, if you're like me (my home page is my personalized Google page), you use all the time anyway.

RE: Holy crap
By Spoelie on 3/26/2006 11:59:00 AM , Rating: 2
How about double clicking on empty space in the tab-bar.

RE: Holy crap
By CheesePoofs on 3/24/2006 11:42:32 PM , Rating: 3
I use both. Have the new tab button in ff and use CTRL + T. They both have their uses.

RE: Holy crap
By Wwhat on 3/25/2006 4:54:21 AM , Rating: 1
vista's GUI on opengl? I hope that's sarcasm, actually vista will not be compatible with opengl at all, even for games, for opengl the graphiccardsmakers will have to write a wrapper that runs through directx with huge performance loss.
Micosoft claims it's for 'security', and not to kill linux and opensource coding AT ALL, no no, what made you think that?

RE: Holy crap
By OvErHeAtInG on 3/25/2006 12:49:01 PM , Rating: 2
Yep - this will probably be THE thing which makes me not upgrade to Vista for as long as I can help it, which is hopefully until they allow OGL

RE: Holy crap
By ChronoReverse on 3/25/2006 3:11:20 PM , Rating: 2
That is not true. rchive/200%206/0...

OGL is fully support and will suffer no performance penalty. Just like with WinXP, it will be up to ATi and nVidia to provide a proper Vista driver.

RE: Holy crap
By ChronoReverse on 3/24/2006 7:42:38 PM , Rating: 2 rchive/2006/02/2...

Already done. Microsoft Windows Vista has three paths for OGL, INCLUDING a full-acceleration one.

RE: Holy crap
By AnnihilatorX on 3/25/2006 9:09:12 AM , Rating: 2
I thought it only supported OpenGL 1.4
Wheras OpenGL is already up to 2.0

RE: Holy crap
By ChronoReverse on 3/25/2006 2:49:10 PM , Rating: 2
Did you try reading the link I posted? There are three paths for OGL in Vista.

1. Microsoft built-in driver. Unlike the WinXP one which was software emulated, this one will hook into D3D10 and provide OGL 1.4 at about 50% speed.

2. The old ICDs from ATi and nVidia. Basically the OGL drivers you used in WinXP will work. Unfortunately, since they're using the old driver model, the desktop manager has to be turned off.

3. The new ICDs from ATi and nVidia, AKA Vista drivers. Full accelerated OGL functionality up to as much as the vendors provide working seemlessly with the desktop window manager.

RE: Holy crap
By Assimilator87 on 3/25/2006 3:10:50 PM , Rating: 1
If Vista does offer only crippled OpenGL then iD Software would badger Microsoft like crazy since all of their games are OpenGL.

RE: Holy crap
By ChronoReverse on 3/25/2006 3:12:50 PM , Rating: 2
What kind of response is that? Vista offers FULL OpenGL functionality. It is just like WinXP in that you just need to install the graphic card drivers.

Have you tried WinXP's native OpenGL? It is slow as hell. But install the drivers for the card and it'll be fast.

RE: Holy crap
By Locutus465 on 3/29/2006 9:04:43 AM , Rating: 2
I'm not exactly and expert on how modern graphics acceleration work, but based on my limited understanding I'm not sure what microsoft would need to do to support OpenGL on windows. To the best of my knowledge OpenGL is already supported on Windows because all modern GPU's are packaged with drivers that allow OpenGL to communicate with and use the GPU. Traditionally I beleive this was called the OpenGL ICD (installable client driver). So I'm not seeing what microsoft it's self needs to do, OpenGL already works under Windows as far as I know.

Are my eye decieving me?
By stupid on 3/24/06, Rating: 0
RE: Are my eye decieving me?
By Homerboy on 3/24/2006 2:57:54 PM , Rating: 2
you're name is fitting

RE: Are my eye decieving me?
By Homerboy on 3/24/2006 2:58:12 PM , Rating: 4

ha! the ironicness

RE: Are my eye decieving me?
By masher2 on 3/24/2006 3:06:01 PM , Rating: 3
"Irony", perhaps?

RE: Are my eye decieving me?
By shaw on 3/24/2006 3:17:12 PM , Rating: 5
Murphy's law dictates that when you try to make somebody look like an ass when you have no ability to edit your post you will screw up yourself.

RE: Are my eye decieving me?
By Bonesdad on 3/24/2006 5:06:39 PM , Rating: 2
Brittany Murphy said THAT?

RE: Are my eye decieving me?
By Scrogneugneu on 3/24/2006 7:51:53 PM , Rating: 3
Nope, that was Eddy.

RE: Are my eye decieving me?
By Howard on 3/25/2006 1:18:10 AM , Rating: 3
You mean Eddie?

I'm surprised...
By BigToque on 3/24/2006 2:52:05 PM , Rating: 1
Microsoft said that IE could not be removed from the core of the OS.

RE: I'm surprised...
By middlehead on 3/24/2006 2:56:20 PM , Rating: 2
It cannot be removed from the core of an OS it is a part of.

It can be left out of the core of a new OS.

RE: I'm surprised...
By BigToque on 3/24/06, Rating: 0
RE: I'm surprised...
By masher2 on 3/24/2006 3:05:26 PM , Rating: 3
It is exactly a new OS. It has a large degree of code recycled from older versions (as we would expect, and indeed desire) but major parts are new and/or rewritten.

RE: I'm surprised...
By Wwhat on 3/25/2006 4:59:29 AM , Rating: 1
Yes, they found that old code just was too fast and not easily exploited enough, but with hard work and diligence they hope to slow everything to a crawl even on future CPU's


RE: I'm surprised...
By Panurge on 3/24/2006 7:22:12 PM , Rating: 4
If you do a little research, you'll see that Vista [i]is [/i] a new OS. One of the primary reasons that it took so long to release is that they started by working with the NT kernel from Windows XP and realized it wouldn't work. At that point, they pretty much scrapped the project and started from the ground up.

As the other posted said, there will surely be recycled code, but only for non-critical things. The critical things, like using IE code to run Explorer, were changed completely. This article shows that explorer no longer runs on IE code, but it's own set of code, which removes the exploits that came from the code being exactly the same.

GJ Microsoft
By phatboye on 3/24/2006 3:50:02 PM , Rating: 1
This is the best news I have heard from Microsoft all year. If I am able to remove all of that bloatware that ie adds to the OS then that would mean faster OS start-up times plus a more secure OS. I am so glad to see Microsoft take a step in the right direction this time.

It's also good to see that microsoft is finally realizing what a POS ie is.

This definately give me one reason to consider upgrading to vista.

RE: GJ Microsoft
By TomZ on 3/24/2006 4:11:11 PM , Rating: 2
By how much do you think that removing IE will improve start-up time, and how much "bloatware" do you think it will remove, percentage-wise relative to the rest of Windows?

RE: GJ Microsoft
By cookj128371 on 3/24/2006 8:45:50 PM , Rating: 2
Here's my understanding (someone correct me if I'm wrong):

Removing IE will probably not improve startup time much, if any. The OS core uses "explorer" which currently shares most of its components with IE (or rather, IE extends explorer). Since Vista is built on the Windows Server 2003 codebase, explorer will still be crucial for the OS to run. All MS is doing here is duplicating some of the code explorer uses and moving it into its own space for IE to use. That way you can remove IE (and its duplicate (and further extended) code) without screwing up critical system components.

RE: GJ Microsoft
By phatboye on 3/25/2006 4:36:36 PM , Rating: 2
If all they did was duplicate the code then who would that imporove how secure the OS is? I'm sure there is more to it than just duplicating the code.

RE: GJ Microsoft
By Targon on 3/25/2006 5:42:18 PM , Rating: 2
A part of the security problem has been how tightly IE is integrated into the operating system as well as the ActiveX issues. If IE really has been seperated and only runs as an application on top of the OS the way it should have been since Windows 98 came out, then the normal security system of Vista could theoretically make IE7 more secure the way another browser would be. The key is how much control over a system ANY application can get.

RE: GJ Microsoft
By phatboye on 3/25/2006 4:37:30 PM , Rating: 2
If all they did was duplicate the code then how would that imporove how secure the OS is? I'm sure there is more to it than just duplicating the code.

By GameManK on 3/24/2006 7:26:02 PM , Rating: 2
the OS being well integrated is not necessarily bad. it just has to be implemented well. I guess microsoft doesn't know how to do that and gave up.

IMO this now reflects badly on KDE for no good reason

RE: whatever
By PLaYaHaTeD on 3/24/2006 7:57:20 PM , Rating: 3
Those are some strong words. I'd like to see you implement it "well". The fact of the matter is, integrating the browser into the OS is a recipe for disaster. I'm not saying microsoft's development teams are the best on the planet, but i'd like to see how well you would stack up when the whole world is gunning to exploit your code.

Coming from a software developer, shit ain't that easy.

RE: whatever
By slashbinslashbash on 3/25/2006 5:13:38 AM , Rating: 2
This can't reflect badly on KDE since KDE is a window manager, not an operating system. KDE exploits can't be used to gain root access, because root access is controlleded by the OS, not KDE.

RE: whatever
By GameManK on 3/25/2006 2:44:06 PM , Rating: 2
And that's what I mean by implemented "well". KDE has konqueror which is a file manager and a webbrowser and just about everything else. You can have a webpage for a desktop etc etc. Everything is well integrated together. This isn't a security exploit because the file manager is not the OS and as you said you need root access. But a newbie/potential adopter doesn't know that! Look at it from a more newbie point of view: "They say windows got SO much better and safer because IE and windows explorer arent the same thing anymore. This linux thing uses this program that does all those things. It must be very bad. I'm gonna get hacked if I use that... it sux like win9x etc etc.. They say its better and safer wtf liars."

And yeah of course I realize it's all extremely difficult to make. In fact, I think microsoft did really well with XP, except for the whole activation thing. I just don't think they're making 5 years of progress with Vista (except in the system requirements).

By RandomFool on 3/24/2006 7:45:45 PM , Rating: 2
The comment in this article just prove the point that some people will complain about anything Microsoft does no matter what it is.

I for one think this is a good thing. Although I wonder how this will affect people with XP who are planning on using IE7 the beta version worked fine for me though so i'm not too worried about it. Vista seems to be shaping up to be a pretty good operating system from everything I hear about it.

RE: Neat
By mindless1 on 3/25/2006 11:53:57 AM , Rating: 3
yes people will complain, consider reasons:

Add hundreds of MB bloat then remove a few dozen- diminishing return

Advertise a product like XP for it's security then get shafted with "buy our NEXT product to get what you already paid for". What's the saying, fool me once shame on you, fool me twice...

IE7 if/when installed by default, will remain on a very large % of systems. You don't have to be infected yourself to be effected by the larger problem. The OS should always ship, have maximum security default configuration. The user should have to OPEN a hole for it to exist, and be informed explicitly of the repercussions of their choices by the OS/dialog. Instead, Windows continually becomes dumbed down to where everything is guided as if it's all just "click a color gradient icon and ignore reality".

Now, MS is doing the right thing, cutting some ties between the browser and OS, it itself that is better than NOT doing what they have. Is it enough? Is it enough, soon enough? Is this what the whole world, including IMPORTANT systems should be relying on? Big risk when you buy a product with the word "security" tacked on. IN a normal market, people seek such a feature because they want and indeed, should expect to get it.

RE: Neat
By TomZ on 3/25/2006 12:15:35 PM , Rating: 2
Where did you dream up all these demands? No other OS even comes close to what Windows is doing to proactively combat security issues. Do you think if Linux or Mac OSX had 90% of desktop marketshare, that there wouldn't be zillions of viruses written that exploit weaknesses in those OSs? Do you think those OSs have better security? Get real.

RE: Neat
By RandomFool on 3/25/2006 8:31:56 PM , Rating: 2
I never said that MS was perfect all I was saying is that even when MS starts trying to make things better there's tons of people out there who just want to complain and bash them to pieces. They are the most used OS around (and will be for a long time) so anything they do to make things safer/easier should be applauded, even if it is fixing a mistake they made in the past.

My thoughts are the OS should ship with a configuration that works ala as little time setting up and configuring stuff as possible. Security is a great thing. However, you also need to make it accessible no body is going to want to use it. Especially when much of the market doesn't know that much about computers. It's not as easy as just leaving it closed until a user turns it on because most users won't understand exactly how it'll affect them. They'll know "If I turn this on then my program X will work. OK let's do it."

And another thing, why does everyone seem to assume that MS can see into the future and foresee all the bugs in their code. Every OS has bugs and holes in it. If everyone was running OS X there would still be viruses and exploits everywhere. I'm sick of hearing that "fool me once" quote, MS couldn't have known all these problems were going to crop up. Yes they could have checked harder and more thoroughly but

By Mitul89 on 3/24/2006 2:48:53 PM , Rating: 2
so what is kind of browser will the windows come with? I know that im going to just continue using firefox but im just little curious to know what they will use for the browser.

RE: so?
By shaw on 3/24/2006 2:51:07 PM , Rating: 2
It just means for Vista can uninstall IE7 from your PC totally and not have to worry about IE exploits. XP users are still SOL.

RE: so?
By TomZ on 3/24/2006 4:15:27 PM , Rating: 2
The article doesn't say that Vista will not include Internet Explorer. It said that it won't integrate Internet Explorer. That means that it will probably be there by default after an OS load, but you'll be able to easily uninstall it, much like you can do with MSN Explorer and Outlook Express in WinXP.

By the way, many applications use Internet Explorer as an ActiveX control. So even if you uninstall IE, you'll probably have application installers that will re-install a good portion of IE so they can run correctly.

By sprockkets on 3/24/2006 4:26:07 PM , Rating: 2
What about every application out their that depends on windows IE? are they willing to break everything that depends on it? What will the windows help system use?

I do not believe that.

And even so, explorer.exe does all the same stuff anyhow.

If you want proof that this is really true, see if uninstalling and reinstalling IE7 on vista restores it back to default without the other 3rd party customizations that ISPs do to it, and I'll believe you.

RE: so
By Snuffalufagus on 3/24/2006 6:28:02 PM , Rating: 2
The help system is most likely independant now, why would you think it would require IE? Just beacuase it did in the past has no bearing on Vista.

If an app relied on IE6, it should be able to make the same or functionally similar calls to IE7. If they were relying on insecure methods, then yeah, maybe they're broken, but that's what everyone wants, more security, less freedom. It would be up to the app developer to get their code up to par.

RE: so
By TomZ on 3/24/2006 8:53:17 PM , Rating: 2
The help system is most likely independant now, why would you think it would require IE?
The newer help systems all are based on HTML, and AFAIK, they all use the IE ActiveX control. This includes the newest help client, the Microsoft Document Explorer.

I agree that apps that use IE6 ActiveX control should still work properly with IE7, assuming that MS provided an IE6-compatible interface, which they probably did. But if not, then lots of apps would have to be updated, which requires a bit more effort than just waving a magic wand.

A dream come true
By JSchwage on 3/24/2006 4:16:33 PM , Rating: 2
This is definitely the best news from Microsoft I've heard in my entire life. Microsoft has just made one giant step towards making a better operating system.

RE: A dream come true
By Googer on 3/24/2006 11:31:06 PM , Rating: 2
This is definitely the best news from Microsoft I've heard in my entire life. Microsoft has just made one giant step towards making a better operating system.

One small step for Microsoft, one giant leap for mankind....

Vista Beta Experience
By Tegeril on 3/24/2006 6:14:50 PM , Rating: 2
I loaded Vista and Office 2007 latest betas onto a spare laptop HD and fired it up on my 2ghz Pentium M (Dothan), 1gb of ddr pc2700 ram, and a radeon 9700 mobility.

Performance was smooth and glorious - I couldn't stop gawking at the prettiness =)

That said, I was testing some software that was clearly not ported for Vista (Cisco VPN client, VirusScan Enterprise from McAfee) and other random things that install all sorts of services. In the end I crippled IE7. I'd launch it and a window would come up saying that Internet Explorer was no longer working and that it was searching for a solution (it never found one) - but IE being totally broken did not hamper operation of the OS (and I had already downloaded Firefox which worked like a charm).

RE: Vista Beta Experience
By Tegeril on 3/24/2006 6:16:50 PM , Rating: 2
And when I say did not hamper, I mean, I was still able to run the integrated Windows Update feature, the Window Defender update, as well as use explorer without trouble. So to whoever one post up, I bet the help system will work without IE functioning as well.

Wait a minute...
By stmok on 3/26/2006 1:15:02 PM , Rating: 2
...Won't this kill the "chm" file format?

RE: Wait a minute...
By TomZ on 3/26/2006 10:29:21 PM , Rating: 2
What is being discussed is integration with the OS. IE7, and its ActiveX control, will still probably have to ship in Vista, due to its use by other applications like the help viewers.

Lame Narrow Minds
By SiN on 3/28/2006 7:31:07 AM , Rating: 2
Just to add my comments to this whole thread. Firstly, many people have already stated it, MS ain't guna send out a dodgy OS for it to get hacked and soil their name as a reliable OS. They Get hacked because it is a popular OS, people just wanna rip things up half the time. Its obviouse they are taking major steps to make the OS as secure as they can... I hear all these lame comments for the same narrow minded people "fool me once..."! Your the fools, and your anti productive. MS have had a floored OS, they wouldn't release it if it was floored without it getting updated. For every piece of software released there is a load of people that try to crack its security. Its just gunna be the same way till the end of time. And for those jumping in on the threads, read the F'ing things. I can see that the IE7 will be bundeled with Vista, but its not going to be intergrated into the OS, why can is it that i see that and others don't? I'm glad with what i'm reading about vista, it is tackling a lot of its weaknesses from within, and not changing the code but ripping the guts out of the framework and re-engineering it. I guess ther'll always be the others that don't absorb the info, or just don't read it, instead they just pop off some unfounded cheap shots.

RE: Lame Narrow Minds
By SiN on 3/28/2006 7:34:31 AM , Rating: 2
*Correction* they had a floored OS but they wouldn't release it if they knew it had an issue that was root deep. I bit like me posting this post after my last. I didn't see an issue with the last till i posted it and then checked it. But i can safely bet MS don't release an OS into the wild without the stringent checks.

By hans007 on 3/25/2006 4:41:05 AM , Rating: 3
honestly i'm a qa engineer at another large software firm. and well i read code ALL day and deal with issues about well how crappy our software is.

and anyways, making large scale software projects work, and come out with something good is really really hard. i've used a lot of the vista betas and it is shaping up really well.

wow gj Microsoft
By AnotherGuy on 3/24/2006 4:17:03 PM , Rating: 2
yeah great job Microsoft... Im liking Vista more n more everyday..

Broken Link
By JDL440 on 3/24/2006 4:22:55 PM , Rating: 2
Broken Link to article.

By android1st on 3/24/2006 7:04:28 PM , Rating: 2
Microsoft is finally seeing that its monopolistic behavior is going to bite it back in the end.

By Saist on 3/24/2006 7:20:16 PM , Rating: 2
If IE7 is not bundled into Microsoft Vista OS, what exactly DOES form the framework of the operating system desktop and file browser system? It's no secret "today" that the IE5/IE6 applications are actually part of the underlying operating system and provide most of the desktop functionality avaiable under the Windows Operating System. If Microsoft is not entwining IE7 into Vista OS, what exactly is their new framework, or is Microsoft still basing that framework on IE6/IE6 code?

"We don't know how to make a $500 computer that's not a piece of junk." -- Apple CEO Steve Jobs

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki