backtop


Print 84 comment(s) - last by Shadowmaster62.. on Oct 15 at 4:27 PM

Microsoft makes its IE7 browser available to a wider audience

In a surprise move, Microsoft has issued a new build of Internet Explorer 7 (IE7) to customers that can be installed on any machine running Windows XP or Windows Server 2003 -- IE7 is already included in Windows Vista operating systems.

IE7 was previously reserved for customers using genuine copies of Windows-based operating systems and was protected by Microsoft's Windows Genuine Advantage (WGA) validation software.

"Because Microsoft takes its commitment to help protect the entire Windows ecosystem seriously, we’re updating the IE7 installation experience to make it available as broadly as possible to all Windows users," remarked IE7 program manager Steve Reynolds on the IE Blog. "With today’s 'Installation and Availability Update,' Internet Explorer 7 installation will no longer require Windows Genuine Advantage validation and will be available to all Windows XP users."

Microsoft is likely using this move to makes IE7 available to the broadest range of customers worldwide. Mozilla's Firefox browser has gained a lot of traction recently, and this move would give Microsoft some additional ammunition.

In addition to the removal of WGA, the latest version of IE7 brings updates to the menu bar, online tour and a new MSI installer for IT administrators.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

I guess MS is afraid of...
By Marlin1975 on 10/5/2007 6:57:57 PM , Rating: 2
Opera, Firefox, etc... gaining more share so MS wants EVERYBODY to use IE7 even those that did not pay for their WinOS.
That and with so many people sticking to XP, and older OS's, most sites are not going out of there way to make sure IE7 works 100%.




RE: I guess MS is afraid of...
By mechBgon on 10/5/2007 7:09:42 PM , Rating: 5
Actually, I believe the underlying motive has more to do with countering the bad guys than grabbing market share. Whether YOU use Internet Explorer or not, your WinXP system is more secure overall if your IE version is IE7, due to its security improvements over IE6.

Another aspect of this revision is improved deployability, customizability and manageability, which the corporate folks will appreciate (unless they're the end user being thwarted in their attempt to defy I.T.'s policies). IE is still THE browser, if you want to manage your fleet's browsers using Group Policy and IEAK.

MVP, Windows Shell/User


RE: I guess MS is afraid of...
By calyth on 10/5/2007 7:22:37 PM , Rating: 2
The best security improvement over IE6 is to simply not use it anyways.
Web devs who code for IE only should just stop doing developement altogether.


RE: I guess MS is afraid of...
By mechBgon on 10/5/2007 8:08:25 PM , Rating: 3
quote:
The best security improvement over IE6 is to simply not use it anyways.


Actually, the best security improvement is to stop running your browsers, ANY browsers, with Admin-level privileges.

http://www.mechbgon.com/build/Limited.html

But if IE is invoked by malware, then that's where you may benefit from having IE7 rather than IE6 even if you don't normally use IE at all. Case in point, if you're interested:

http://www.eweek.com/article2/0,1759,2185307,00.as...

Speaking as someone who does a bit of security research ;) I suggest getting IE7 even if you don't plan to use it yourself. Also vet your rig for security vulnerabilities using Secunia's Personal Software Inspector:

https://psi.secunia.com

MVP, Windows Shell/User


RE: I guess MS is afraid of...
By yaneurabeya on 10/6/2007 2:32:08 PM , Rating: 2
quote:
Actually, the best security improvement is to stop running your browsers, ANY browsers, with Admin-level privileges.


Actually, the best thing to do is if you are so concerned about security is to unplug your computer from whatever network you're using, and don't allow physical access to it. No matter what OS you use, no matter what method you use to access the network, you are imposing a degree of security risk upon the machine by just being connected. End of Story.

And just because you execute a process using a non-privileged account, doesn't mean that it can't do a lot of damage with files that it can access (say your pictures, your documents, your music, etc).

Seriously though, please don't try and diffuse the fact that MSIE is a bloated browser (IE7 in particular, even though it works much better with higher amounts of resident memory than IE6), and it doesn't really any additional functionality with all its bloat.

The only reason why the Mozilla browsers are so slow is because they have the XUL engine powering the themes and add-ons, whereas IE6 requires third-party plug-ins and hacked themes to work.

Some food for thought:
- Mozilla browsers are closer to Javascript / W3 to being compliant than MSIE (even though IE7 which was lauded as MS's first attempt to become W3 compliant -- still not even close).
- Add-on's and extensions give you a much easier hold on adding features to your browser, instead of having to add a bunch of 3rd party plugins, sometimes from untrusted sources, in order to get functionality.
- If you build it (HTML, content) for Mozilla browsers, it'll reach a wider audience of users than IE will with MS's proprietary ActiveX and Javascript bindings.
- ActiveX, WScript, and some other portions of the MS scripting 'experience' expose a greater number of gateways for a cracker to access into your machine with. This includes file access, amongst many other facilities. Mozilla browsers (and other browsers such as Opera, etc even) don't have this 'functionality' because they're generic and don't want to support it across multiple platforms / OSes. However, I find it to be a strong security point that they don't have these possible security holes like MSIE does with the script setup.

quote:
Speaking as someone who does a bit of security research ;) I suggest getting IE7 even if you don't plan to use it yourself. Also vet your rig for security vulnerabilities using Secunia's Personal Software Inspector:


Or just run a Unix-based OS because if you don't run as root, you get the same thing, and you don't have to worry about annoying Vista features like UAC ;)..

-Garrett
http://wiki.freebsd.org/GarrettCooper


RE: I guess MS is afraid of...
By mechBgon on 10/6/2007 9:52:05 PM , Rating: 3
quote:
And just because you execute a process using a non-privileged account, doesn't mean that it can't do a lot of damage with files that it can access (say your pictures, your documents, your music, etc).


I completely agree, and this is one reason I also suggest using a disallowed-by-default Software Restriction Policy for verisons of Windows that support SRP (http://www.mechbgon.com/srp/index.html ), as well as risk avoidance to the extent that's practical, elimination of attack surface where practical, and some other good practices.

quote:
Seriously though, please don't try and diffuse the fact that MSIE is a bloated browser (IE7 in particular, even though it works much better with higher amounts of resident memory than IE6), and it doesn't really any additional functionality with all its bloat.


In an era where some PC games can push the 2GB mark, it appears to me that most modern computers can handle either version of IE pretty well. As for functionality, I can think of several functional advances in IE7, some of which I use a lot, some of which I don't.

quote:
Some food for thought:
- Mozilla browsers are closer to Javascript / W3 to being compliant than MSIE (even though IE7 which was lauded as MS's first attempt to become W3 compliant -- still not even close).
- Add-on's and extensions give you a much easier hold on adding features to your browser, instead of having to add a bunch of 3rd party plugins, sometimes from untrusted sources, in order to get functionality.
- If you build it (HTML, content) for Mozilla browsers, it'll reach a wider audience of users than IE will with MS's proprietary ActiveX and Javascript bindings.
- ActiveX, WScript, and some other portions of the MS scripting 'experience' expose a greater number of gateways for a cracker to access into your machine with. This includes file access, amongst many other facilities. Mozilla browsers (and other browsers such as Opera, etc even) don't have this 'functionality' because they're generic and don't want to support it across multiple platforms / OSes. However, I find it to be a strong security point that they don't have these possible security holes like MSIE does with the script setup.


Given the exploits I see used via both IE and FireFox at some malicious sites, the bad guys seem to be moving away from simply exploiting the browser itself on Windows systems. As for ActiveX, the opt-in feature of IE7 is a timely improvement over IE6 and gives a buffer against scripted attacks via ActiveX. Whether IE is the user's daily-driver browser or not, they stand to benefit from updating from IE6 to IE7, and that is the message to take to the bank here.

quote:
Or just run a Unix-based OS because if you don't run as root, you get the same thing, and you don't have to worry about annoying Vista features like UAC ;).


For those who are interested in that option, hit our Operating Systems forum where we have a stickied thread to help you out, as well as some helpful *nix dudes :) But for many folks, the more realistic option is to get up-to-speed on their Windows security.

MVP, Windows Shell/User


RE: I guess MS is afraid of...
By Christopher1 on 10/7/2007 2:09:42 PM , Rating: 2
IE7 BLOATED? What world are you living in? The installation takes up about 20MB's, less than Mozilla Minefield's 30-35MB's.

IE7 is not bloated in any way, shape or form.


RE: I guess MS is afraid of...
By Blight AC on 10/8/2007 8:51:11 AM , Rating: 2
The problem with IE7 for some IT departments is support by third party vendors for web based applications. Some of our web based apps do not like running in IE7, and getting the vendors off their arses to support it... well, some just don't and others are real slow about it.


RE: I guess MS is afraid of...
By borowki on 10/5/2007 7:38:32 PM , Rating: 2
The underlying motive is that Russia has been threatening to move towards Open Source in a big way, because a large percentage of their computers (including tose in government institutions) run pirate copies of Windows.

Kremlin > bad guys > poor people.


RE: I guess MS is afraid of...
By Jack Ripoff on 10/5/2007 8:25:23 PM , Rating: 2
Microsoft just want people to use their products in order to spread their flawed proprietary standards, thus making it harder to use competing products.


RE: I guess MS is afraid of...
By thesid on 10/6/2007 5:48:10 AM , Rating: 3
god! you ppl cried when they started WGA.. now you cry again when they stop using it ,..... retards


RE: I guess MS is afraid of...
By cyberserf on 10/6/07, Rating: 0
RE: I guess MS is afraid of...
By Jack Ripoff on 10/6/2007 2:05:10 PM , Rating: 2
Why have I been downrated? What I said is true!

Their web browser (specially previous versions of it) implemented undocumented deviations from global standards which forced web developers to tweak their pages in order to make them compatible with it - which in turn rendered those pages nearly unusable on other web browsers.

All their products are riddled with undocumented "features", programming interfaces, document formats and network protocols which make them uninteroperable with competing products.

http://www.eweek.com/article2/0,1895,2178222,00.as...
http://www.vanwensveen.nl/rants/microsoft/IhateMS_...
http://www.catb.org/~esr/halloween/halloween1.html


RE: I guess MS is afraid of...
By yaneurabeya on 10/6/2007 2:39:19 PM , Rating: 2
Jack is very correct in this regard.

MSIE still is the number one loser in several arenas in terms of complying with W3 standards.


RE: I guess MS is afraid of...
By TomZ on 10/7/2007 9:51:41 AM , Rating: 2
The reason you got downrates is that you assume that a paper standard is always more important than a de facto standard.

I've worked as a software and electrical engineer and manager for many years - and I can tell you that most standards aren't worth the paper they're printed on. Most written standards are ambigious and leave so much open for interpretation that the result is a set of products that are loosely "standardized" but have a large number of compatibility problems. You see this in nearly every industry, including the web.

If a particular product has most of the market share, it is usually far more efficient to use that product's implementation as a de-facto standard, rather than writing a separate paper standard. The de-facto standard has been "reality tested" since it is in a product already, plus it has evolved in order to meet the requirements of the domain. Furthermore, someone writing another conforming application can simply test theirs against the original, which eliminates any question about compatibility.

I'm not saying this is the best approach in all cases, but it is rather effective in many areas, including the web.


RE: I guess MS is afraid of...
By Jack Ripoff on 10/7/2007 8:38:41 PM , Rating: 1
quote:
I've worked as a software and electrical engineer and manager for many years - and I can tell you that most standards aren't worth the paper they're printed on.

It's not about being a paper standard or even a quality standard. It's about being an open, documented and interoperable standard.

Let's take Java and MSOOXML as examples. Java isn't a paper standard. It's owned by Sun Microsystems. It is, however, multiplatform and can be reimplemented by anyone since it's documented and not dependent on any platform-specific behavior or feature by-design. It runs on mainframes as well as mobile phones. Microsoft's OpenXML, on the other hand, is an ECMA standard, but it relies on behaviors specific to Microsoft Office, references other undocumented and proprietary Microsoft standards (e.g.: WMF) and is generally inconsistent and difficult to implement on a non-Microsoft platform.

quote:
I'm not saying this is the best approach in all cases, but it is rather effective in many areas, including the web.

Actually you're saying effectiveness is more important than interoperability.


RE: I guess MS is afraid of...
By mrchoas101 on 10/11/2007 1:12:37 AM , Rating: 2
I think your right.

I used an copy of XP for a while (I now own my own) when I was just dirt poor in school. WGA forced me to go to firefox. Prob is once I bought my REAL copy, I installed firefox and kept it. I do use IE but ONLY when a page wont work right in firefox.


"We basically took a look at this situation and said, this is bullshit." -- Newegg Chief Legal Officer Lee Cheng's take on patent troll Soverain

Related Articles
Firefox Hits 400 Million Downloads
September 10, 2007, 3:29 PM













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki