Internet Explorer 7

From Wikipedia, the free encyclopedia

"IE7" redirects here. For other uses, see IE7 (disambiguation).
Internet Explorer 7

Internet Explorer 7 in Windows Vista
Developed by Microsoft
Initial release 18 October 2006
Latest release 7.0.5730.13 (Windows XP); 7.0.6001.18000 (Windows Vista) / 2008
OS Windows Vista, Windows XP SP2, Windows Server 2003 SP1, Windows Server 2008
Development status Current
License MS-EULA
Website Internet Explorer home page

Windows Internet Explorer 7, commonly abbreviated IE7, is a web browser released by Microsoft in late 2006 for Windows Vista, Windows XP SP2 and Windows Server 2003 SP1. Internet Explorer 7 is part of a long line of Internet Explorer versions and the first major version of the browser in over 5 years, coinciding with the release of Windows Vista. Its market share is increasing as it ships as the default browser in Vista and is offered as a replacement for Internet Explorer 6 on Windows XP via Windows Update. While sources are not in agreement as to IE7's global market share (estimates from three sources range from 23% to 44%)[1][2][3], when combined with IE6, the two browsers represent the majority of browsers worldwide.

Contents

[edit] Overview

Version 7.0 of Internet Explorer has been renamed Windows Internet Explorer (as opposed to Microsoft Internet Explorer) as part of Microsoft's rebranding of components that are included with Windows. It is available as part of Windows Vista and Windows Server 2008, and as a separate download via Windows Update for Windows XP with Service Pack 2 (SP2) and Windows Server 2003 with SP1 or SP2.[4] Internet Explorer 7 can also be downloaded directly from Microsoft's website. Large portions of the underlying architecture, including the rendering engine and security framework, have been significantly reworked. Partly as a result of security enhancements, the browser is a stand-alone application, rather than integrated with the Windows shell, and is thus no longer capable of acting as a file browser. The first security advisory was posted only one day after the day of release,[5] but it turned out to be a security problem in Outlook Express, not in Internet Explorer 7.[6] The first vulnerability exclusive to Internet Explorer 7 was posted after 6 days.[7]

On Windows Vista, Internet Explorer operates in a special "Protected Mode", that runs the browser in a security sandbox that has no access to the rest of the operating system or file system, except the Temporary Internet Files folder. When running in Protected Mode, IE7 is a low integrity process; it cannot gain write access to files and registry keys outside of a user profile's folder. This feature aims to mitigate problems whereby newly-discovered flaws in the browser (or in Add-Ons hosted inside it) allowed hackers to subversively install software on the user's computer (typically spyware).[8][9]

Windows Internet Explorer 7 Running in Windows XP
Windows Internet Explorer 7 Running in Windows XP

The Windows Vista and XP version of Windows Internet Explorer 7 additionally feature an update to the WinInet API. The new version has better support for IPv6, and handles hexadecimal literals in the IPv6 address. It also includes better support for Gzip and deflate compression, so that communication with a web server can be compressed and thus will require less data to be transferred.[10][11] Internet Explorer Protected Mode support in WinInet is exclusive to Windows Vista. On October 8, 2007, Microsoft removed the Windows Genuine Advantage component of IE7 and opened it for all users of Windows.[12]

IE Market Share for March, 2008
according to Net Applications[13]
IE4 – 0.01%
IE5 – 0.10%
IE5.5 – 0.09%
IE6 – 28.94%
IE7 – 45.65%
IE8 – 0.02%

[edit] History

On February 15, 2005, Microsoft Chairman Bill Gates announced that the new version of its browser would be released at the RSA Conference 2005 in San Francisco.[14] Internet Explorer 7 is available only for Windows XP SP2 and later, including Windows Server 2003 SP1 and Windows Vista. The first beta version of the browser was released on July 27, 2005 for technical testing, and a first public preview version of Internet Explorer 7 (Beta 2 preview: Pre-Beta 2 version) was released on January 31, 2006. The final public version was released on October 18, 2006. Interestingly, that same day but prior to Microsoft's launch of IE7, Yahoo! provided a post-beta version of Internet Explorer 7 bundled with Yahoo! Toolbar and other Yahoo!-specific customizations. Version 7 is intended to defend users from phishing as well as deceptive or malicious software, and it also features full user control of ActiveX and better security framework, including not being integrated as much with Windows[15] as previous versions, thereby increasing security. Unlike previous versions, the Internet Explorer ActiveX control is not hosted in the Windows Explorer process, but rather it runs in its own process. It also includes bug fixes, enhancements to its support for web standards, tabbed browsing with tab preview and management, a multiple-engine search box, a web feeds reader, Internationalized Domain Name support (IDN), and antiphishing filter. On October 5, 2007, Microsoft removed the 'genuine software' validation before install, which means that all versions of Windows, whether able to pass validation or not, are able to install the browser.

In late 2007 Microsoft announced that Internet Explorer 7 would not be included as part of Windows XP SP3, with both Internet Explorer 6 and 7 receiving updates. [16]

Within a year after IE7s release (end of 2006 to end of 2007) support calls to Microsoft had decreased 10-20 percent. [17]

[edit] Criticism

[edit] Security

Internet Explorer comes under heavy scrutiny from the computer security research community, in part due to its sheer ubiquity. Exploitation of Internet Explorer's security holes has earned IE the reputation as the least secure of the major web browsers.[citation needed]

Microsoft has addressed this problem in two distinct ways with Windows Vista: User Account Control, which forces a user to confirm any action that could affect the stability or security of the system even when logged in as an administrator, and "Protected-mode IE", which runs the web browser process with much lower permissions than the user.[18]

[edit] Phishing Filter

Some users have criticised the Phishing Filter for being too easy to circumvent. One successful method of bypassing Internet Explorer's Phishing Filter has been reported by redirecting a blacklisted web page to another, nonblacklisted page, using a server-side redirect. Until the new page is blocked as well, the attack can remain active.

This flaw means that Phishers can keep links from previous emails functioning by simply moving to a new server when their original web page is blacklisted and adding a redirect.

This has been criticised as doubly serious as the presence of a phishing filter may lull users into a false sense of security when the filter can be bypassed. [19]

[edit] Standards support

 This section needs additional citations for verification.
Please help improve this article by adding reliable references. Unsourced material may be challenged and removed. (November 2007)

Other criticisms concern Internet Explorer's support of open standards. Although Internet Explorer 7 is significantly more compliant than previous versions, it remains the least standards-compliant of any major browser.[20]

It is also claimed that lack of support in Internet Explorer is responsible for holding back the widespread adoption by webmasters of several new open technology standards[who?] (SVG, supported elsewhere in 2001, and as of yet unsupported in Internet Explorer without a 3rd party plugin).

Web developers must work with the technology supported across all browsers for cross-platform development, and Internet Explorer is often criticized for being technically inferior[citation needed]. These include supporting fewer or wrongly interpreting more CSS, HTML, and DOM features than Firefox, Opera or Safari and not having native XHTML support.[21] As a result of these, it does not pass the Acid2 test, a test case designed by the Web Standards Project to verify CSS compliance.

[edit] Usability and accessibility

Windows Internet Explorer 7's "Quick Tabs"
Windows Internet Explorer 7's "Quick Tabs"

Comparatively speaking, the default Internet Explorer interface is less cluttered than some of the Internet suites such as Netscape Communicator, and SeaMonkey (formerly Mozilla). With IE7, the interface has become even more streamlined, redesigning the interface to the most minimal possible. The interface can be modified should the user prefer it that way.

Since it is tightly integrated with the operating system, Internet Explorer makes full use of the accessibility framework provided in Windows. Internet Explorer is also a user interface for FTP, with operations similar to that of Windows Explorer. However, with version 7.0, FTP sites are rendered in a hyper linked page, with the folder-like view available if the site is accessed from Windows Explorer. IE7 can itself launch Windows Explorer for FTP sites.

The ability to limit scripting functions, such as those that modify the status bar or adjust the size or position of the browser window was introduced with IE7.

Tabbed browsing functionality was introduced with IE7, augmented with an ability to view these quickly with "Quick Tabs", an RSS-rendering capabilities, feed discovery, and intelligent print layouts, with the shrink-to-fit feature resizing page layout to fit in the paper margins. Tabbed browsing can be added to previous versions using add-ons, like MSN Toolbar, which added tabbed browsing functionality, though much less refined than the native implementation in IE7, to IE6.

[edit] Standards support

Internet Explorer offers support for HTML 4.01, CSS Level 1, VML, VBScript, XML and DOM Level 1, with serious implementation gaps. It also offers limited or broken support for CSS Level 2, XHTML, DOM Level 2, and XSL. Internet Explorer provides its own dialect of ECMAScript called JScript.

Internet Explorer supports a variety of graphics file formats, including BMP, GIF, JPEG and partial support of PNG. Version 7.0 introduced enhanced PNG support, including alpha channels but ignores gamma information. It also includes an extended support for CSS Level 2.

The policy toward the W3C web standards when IE7 was coded was not clear, making unclear the final respect or not of this standard.

[edit] Features and changes

Favorites Center in Favorites view, Feeds view and History view
Favorites Center in Favorites view, Feeds view and History view
  • For security reasons, Internet Explorer is no longer integrated with the Windows Explorer shell. Local files typed in IE7 are opened using the Windows Explorer shell and websites typed in Windows Explorer shell are opened using the default web browser.
  • Protected Mode (available in Windows Vista only), whereby the browser runs in a sandbox with even lower rights than a limited user account. As such, it can only write to the Temporary Internet Files folder and cannot install start-up programs or change any configuration of the operating system without communicating through a broker process. IE7 Protected Mode relies on the User Account Control technology.
  • Version 7 supports tabbed browsing, a popular feature in competing web browsers. Also new is a feature called "Quick Tabs", which displays a thumbnail preview of opened tabs. Since the release of Beta 3 onwards, the user has been able to manually rearrange the tabs by dragging and dropping them as desired.
  • Version 7 adds support for internationalized domain names (IDN) with included anti-spoofing protection. If the user visits a website whose name is in a foreign language (non-Latin characters), it will be displayed in punycode if the user does not have support for the language installed. Also, non-Latin characters can, with certain restrictions, be mixed with Latin characters. In the latter case, punycode is used if support for the non-Latin script is not installed. This helps prevent phishing scams, where some characters are replaced with a similar looking character from a different alphabet.
  • A search box has been added to the top-right corner. The default search engine is inherited from Internet Explorer 6's settings, which various search engine toolbars override to provide search capabilities on the address bar, but additional providers may be added (Google, Altavista, Yahoo!, Live Search, Wikipedia, etc). Microsoft supplies a list of common providers.[22] The search box uses A9.com's OpenSearch technology to import search providers. The use of an open standard makes it easier for websites to include their pre-defined search queries in the search box.[23] Also available is a comprehensive list of popular search providers that can be added to the search box.[24] With the release of Windows Internet Explorer 7, Microsoft updated its list of common providers with a tool that enables users to manually create and add a search provider to the search box.
  • Support for per-pixel alpha channel transparency in PNG images has been added.[25]
RSS Feed Reader in IE7
RSS Feed Reader in IE7
Feeds Plus Notification
Feeds Plus Notification
  • An integrated feed reader is included, so that users can read web feeds (RSS or Atom) without a separate RSS reader. Features include automatic feed discovery and the ability to retrieve feed updates even when the web browser isn't running. The web feeds feature set is also available to third-party developers through API's, so that the list of subscribed feeds (as well as their current contents) can be used.[26] An add-on to IE7, Feeds Plus, provided by Microsoft itself, provides enhanced notification capabilities for the RSS platform.[27]
  • ActiveX Opt-In blocks ActiveX Control unless it allowed to be installed. This feature improves security from unverifiable and vulnerable controls. ActiveX controls can be chosen to be installed on Information Bar. User can turn on and off ActiveX Control by using Add-on Manager.
  • A number of improvements to CSS, DOM, and HTML support have been made. Microsoft's stated goal with version 7 was to fix the most significant bugs and areas which caused the most trouble for developers, and then improved coverage of the standards would come later.
  • The known problem of having the right-hand portion of a web page cut off when the page is printed has been fixed. Page content can also be "shrunk" to fit more text on a single page. The revamped "Print Preview" interface will also let users drag the page margins around and see the results immediately.
  • A Page Zoom selector has been added to the bottom-right corner of the user interface. Unlike the "Text size" feature, this will zoom the complete contents of the web page, allowing for easier reading on larger displays. Fonts are rendered at higher resolution.[28]
  • ClearType can be enabled or disabled separately from the rest of the operating system.[29]
Browsing to a site which IE deems to be a phishing site is blocked by default. The user has to make an explicit choice before continuing.
Browsing to a site which IE deems to be a phishing site is blocked by default. The user has to make an explicit choice before continuing.
  • The new Phishing Filter offers protection against phishing scams and other websites that may be considered dangerous for a user to enter their personal information into. When enabled, every website the user visits is checked against a master list of known phishing sites. If a site is listed, the user is informed. In light of the privacy implications of this feature, it is not enabled automatically; the user is asked when they start Internet Explorer 7 if they want it enabled.[30] Microsoft is working in conjunction with companies that specialize in identifying phishing schemes to ensure the list of known sites is accurate and quickly updated.[31]
  • The address bar and status bar appear in all windows including popups which helps to block malicious sites from disguising them as trusted sites. Also the address bar features a color code to visually indicate the trustworthiness of the page. The address bar turns red when a page, with invalid security certificate, is accessed. In case of sites not using any encryption, the address bar is white. And if the page uses high security certificate, the bar turns green.
  • Modal windows such as dialog boxes are shown only when the tab that has generated them is selected (in such situations, the tab color becomes orange). On the other hand, the save window is modal and when saving the page shown in a tab, the user cannot browse other tabs.
  • The address bar no longer allows JavaScript to be executed on blank pages (about:blank). This feature is still supported on other pages though, which enables bookmarklets to work properly. A reason for the change has not been given.
  • The status bar no longer allows custom text to be entered (e.g.: "Formatting C:\ 10% Complete |||||||") and will always show the URL of any link hovered over, for security. It now also shows the target URL of form buttons to help identify forms which submit their data to suspicious sites.
  • "Delete Browsing History" cleans the complete browsing history in a single step. Previously this was a multistage process requiring users to delete browser cache, history, cookies, saved form data and passwords in a series of different steps. This is useful for improving privacy and security in a multiuser environment, such as an Internet café.
  • Contextual Go/Refresh button. When any URL is typed into the address bar, the button changes from "Refresh" to "Go" and when "Go" (or keyboard Enter) is hit, the button changes from "Go" to "Refresh". In this way the space taken by the toolbars is minimized.
  • The "back" and "forward" menus have been combined into one menu which shows the users current position in their history with a bold entry. In most cases, the current page will be at the top, with a list of pages to go "back" to, but if the user has just gone back one or more pages, there will be additional items above the current page to which they can navigate forwards.
  • Fix My Settings checks at startup or when a setting is changed, if the current settings are unsafe it notifies the user. The user can also press a button in order to fix the settings to a safe state. There is currently no way to disable these warnings.
  • Old protocols and technologies removed: Gopher, TELNET, Scriptlets, DirectAnimation, XBM, Channels (.CDF files) also known as 'Active Desktop Items', etc. The DHTML Editing Control is being removed from IE7 for Windows Vista to reduce surface area for security attacks.[32]
  • No Add-ons allows IE7 to launch without the installed extensions.
  • The menu bar can be hidden to allow more space for webpages.
  • Improved text selection.
  • IE7 cipher strength: 256-bit (Only for Vista, IE7 for XP and Server 2003 only supports 128-bit)
Sites presenting EV Certificates are trusted
Sites presenting EV Certificates are trusted
  • The address bar turns red when the certificate presented by a secure site has some problems. In that case navigation to the site is blocked by default, and can only be accessed after the user explicitly confirms the navigation.
  • IE7 includes support for Extended Validation Certificates (EV). When sites present an EV certificate the address bar is shown in green.
  • New Group Policy's Administrative Templates (.adm files) for IE7 are loaded automatically onto the Domain Controller when a Group Policy is opened from a workstation where IE7 has been installed. These new administrative templates allow for controlling the Anti-Phishing filter state, for example.
  • Reset Internet Explorer settings Deletes all temporary files, disables browser add-ons, and resets all the changed settings to factory settings. It can be used if the browser is in an unusable state.

[edit] Release history

  • On January 31, 2006, Microsoft released a public preview build (Beta 2 preview: Pre-Beta 2 version) of Internet Explorer 7 for Windows XP Service Pack 2 (not for Windows Server 2003 SP 1) on their web site. It stated that more public preview builds (possibly Beta 2 in April) of Internet Explorer 7 will be released in first half of 2006, and final version will be released in second half of 2006.[33] The pre beta build was refreshed on March 20, 2006 to build 7.0.5335.5. A real Beta 2 Build was released on April 24, 2006 to build 7.0.5346.5. In addition, at the MIX'06 conference, Bill Gates said that Microsoft is already working on the next two versions of IE after version 7.
  • On June 29, 2006, Microsoft released Beta 3 (Build 7.0.5450.4) of Internet Explorer 7 for Windows XP SP2, Windows XP x64 Edition and Windows Server 2003 SP1. It features minor UI cleanups, re-ordering of tabs by drag and drop, as well as noticeable performance improvements.
  • On August 24, 2006, the Release Candidate 1 (RC1) of Internet Explorer 7 (Build 7.0.5700.6) was released for Windows XP SP2, Windows XP x64 Edition and Windows Server 2003 SP1. This was the last pre-release version of IE7 before the final release.
  • On September 28, 2006, 3Sharp, a privately held technical services firm, published the results of a study, commissioned by Microsoft,[34] evaluating eight anti-phishing solutions in which Internet Explorer 7 (Beta 3) came out on top. The study evaluated the ability to block phish, to warn about phish, and to allow good sites.[35]
  • On October 18, 2006 the first finished version was released on microsoft.com, and was distributed as a high-priority update via Automatic Updates (AU) on November 1. AU notifies users when IE7 is ready to install and shows a welcome screen that presents key features and choices to “Install”, “Don’t Install”, or “Ask Me Later”.
  • On November 8, 2006 a version of Internet Explorer 7 was released for Windows Vista only (7.0.6000.16386).
  • On November 11, 2006 another version for Windows XP was made available (7.0.5730.11IC)[36].
  • On September 24, 2007 Windows Server 2008 RC0 was released with version 7.0.6001.16659.[37]
  • On October 4, 2007 the latest version for Windows XP (7.0.5730.13) was made available.
Major version Minor version Release date Significant changes Shipped with
Version 7 7.0 Beta 1 July 27, 2005 Support of PNG alpha channel. CSS bug fixes. Tabbed browsing. Windows Vista Beta 1
7.0 Beta 2 Preview January 31, 2006 More CSS fixes. RSS platform integration. New UI. Quick Tabs.
7.0 Beta 2 April 24, 2006 Feature complete. More CSS fixes. Application compatibility fixes.
7.0 Beta 3 June 29, 2006 Fixes rendering issues for CSS.
7.0 RC 1 August 24, 2006 Improvements in performance, stability, security, application compatibility and final CSS adjustments.
7.0 October 18, 2006 Final and current release. Windows Vista

[38]

Shdocvw.dll Notes
major version.minor version.build number.sub-build number
7.00.5730.1100 Internet Explorer 7 for Windows XP and Windows Server 2003
7.00.6000.16386 Internet Explorer 7 for Windows Vista
7.00.6000.16441 Internet Explorer 7 for Windows Server 2003 SP2 x64
7.00.6000.16441 Internet Explorer 7 for Windows XP SP2 x64

[edit] References

[edit] References

  1. ^ Net Applications
  2. ^ OneStat
  3. ^ W3Counter
  4. ^ Automatic Delivery of Internet Explorer 7, Retrieved on 2006-09-22
  5. ^ Internet Explorer 7 'mhtml:' Redirection Information Disclosure
  6. ^ IE7 Vulnerability already? Not really
  7. ^ Internet Explorer 7 Window Injection Vulnerability
  8. ^ Understanding and Working in Protected Mode Internet Explorer. MSDN – Internet Explorer Development Technical Articles. Microsoft (January 2006). Retrieved on 2006-04-13.
  9. ^ Introducing Internet Explorer 7 (2006-05-26). Retrieved on 2006-11-30.
  10. ^ IE's Gzip and deflate support
  11. ^ IE already supports Gzip and deflate
  12. ^ IE7 opens to pirated Windows
  13. ^ Browser Market Share (2008-04-1). Retrieved on 2008-04-01.
  14. ^ Gates Highlights Progress on Security, Outlines Next Steps for Continued Innovation, May 12, 2005.
  15. ^ Article regarding Internet Explorer 7's integration into windows, March 24, 2006
  16. ^ http://news.softpedia.com/news/No-Internet-Explorer-7-Will-Not-Be-a-Part-of-Windows-XP-SP3-73896.shtml No, Internet Explorer 7 Will Not(!) Be a Part of Windows XP SP3
  17. ^ IEBlog : The First Year of IE7
  18. ^ Protected Mode in Vista IE7. Internet Explorer team blog. Microsoft (February 9, 2006). Retrieved on 2006-04-07.
  19. ^ Universal Phishing Filter Bypass. Alex's Corner blog. Individual entity (February 14, 2008). Retrieved on 2008-02-14.
  20. ^ Web browser standards support summary. Web Devout.
  21. ^ Web browser standards support summary. Web Devout.
  22. ^ Add Search Providers to Internet Explorer 7
  23. ^ Searching is better in Beta 2!, IEBlog
  24. ^ Extra Internet Explorer 7 search providers list (IE7), Tredosoft
  25. ^ IE7 Transparent PNG Implementation, IEBlog
  26. ^ Windows RSS Platform ala carte, Microsoft Team RSS Blog
  27. ^ Feeds Plus: An Intern Adventure. Retrieved on 2007-07-05.
  28. ^ Page Zoom in IE7, IEBlog
  29. ^ ClearType Text in IE7, IEBlog
  30. ^ Phishing Filter in IE7, IEBlog
  31. ^ New enhancements to Phishing Filter protection for IE, IEBlog
  32. ^ B. Ashok (June 27, 1857). A Note about the DHTML Editing Control in IE7 for Windows Vista. IEBlog. MSDN Blogs. Retrieved on 2006-06-27.
  33. ^ Internet Explorer 7 downloads
  34. ^ IEBlog : Anti-Phishing Accuracy Study
  35. ^ http://www.3sharp.com/projects/antiphish/gone-fishing.pdf
  36. ^ http://support.microsoft.com/?kbid=164539 Microsoft Knowledge Base with version listing], January 19, 2007
  37. ^ http://support.microsoft.com/?kbid=164539 Microsoft Knowledge Base with version listing], January 19, 2007
  38. ^ http://support.microsoft.com/kb/q164539/ kbq164539

[edit] See also

Microsoft Portal

[edit] External links

v  d  e
Internet Explorer
Versions
Version 2 · Version 3 · Version 4 · Version 5 · Version 6 · Version 7 · Version 8
Mobile · for Mac · for UNIX
Overview
Current technologies
and related software
Previous technologies
and related software
Events
Related topics