IE in Windows Server 2003 SP1 and Windows XP 64-bit edition v2003


With XPSP2 out the door, we’re turning our attention to bringing our latest security enhancements to upcoming Windows releases. Next up: Windows Server 2003 SP1 and Windows XP 64-bit edition v2003, which are both currently in Beta. Both these platforms will receive the same treatment as XPSP2 did for IE: they’ll get all our security improvements, the pop-up blocker, the information bar, etc.

See Tony’s blog entry about IE in XPSP2 for more info & links about the changes we made in XPSP2.

Customers who want to keep their Server box ‘hardened’ will still be able to of course (and it will remain the default setting for any Windows Server).

Once these changes are ported to those platforms, the new ‘SV1’ UA string token will show up there too.

-Christopher

Comments (36)

  1. Anonymous says:

    As well as doing security upgrades for little used platforms you are planning to fix some feature based problems, aren’t you?

  2. Anonymous says:

    Team, can you please comment on the Win2k/9x request.

  3. Anonymous says:

    When will Internet Explorer finally support unicode domains?

    There are millions of domains out by now, that you simply cannot access with Internet Explorer without this buggy Verisign plugin.

    Try to access German domains like:

    http://www.kröt.de

    http://dämlich.net

    http://www.müller.de

    There are lots of videos on dämlich.net … Windows Media Player cannot stream them, simply because of the domain-name! The Verisign workaround doesn’t work there.

    Why is this so hard to be done? Why wasn’t this included in IE6 SP2? Unicode domains were announced years ago and introduced since almost a year now. Opera supports them, Mozilla supports them, Firefox supports them, Safari supports them, Konqueror supports them … well, IE is the only one that I know of that doesn’t! Why?

    Do we really have to wait for IE 7 for this tiny but so important feature?

  4. Anonymous says:

    IE doesn’t support Unicode domains because it was last updated four years ago. I’m not counting the security "fixes" in WINXP SP2 to be an update of IE.

  5. Anonymous says:

    Ok, this might sound (and yes, even IS) somewhat inflammatory, but I think it’s the truth.

    I seriously doubt anyone is going to respond to these questions.

    MS seems to be using another definition of the word ‘blog’ than most people use.. (?)

    The MS culture of permanently playing the victim and feeling like the underdog is showing..

    Hey Msofties

    People don’t care about ms because ms doesn’t seem to care about people, that’s why the trolls are showing up you know and that’s why your bosses decided to create this blog in the first place.

    Unless it’s all show of course, wouldn’t surprise me,

    the only people you are going to contact this way are computer-literate, most (read:nearly all) users aren’t, so why bother if it’s not making you any money..

    If you work at microsoft and disagree, please reply and proof me wrong =D

    (I wouldn’t mind you know, ‘would restore my faith in mankind’ blah blah blah)

  6. Anonymous says:

    @Das boot,

    will try to reply properly later,

    too busy right now bathing in money.

  7. Anonymous says:

    It always cheers me up when people finally realise that Microsoft is a company and they are interested in money- not in making life easier for you :)

  8. Anonymous says:

    I know they’re supposed to that because they’re a company,

    I don’t don’t really blame them

    ..

    But damnit, I’m a socialist :p

  9. Anonymous says:

    Any comments on the suggestion that changes in XP SP2 prevent uploading HTML documents with "text/html" content type?

    http://lists.w3.org/Archives/Public/www-validator/2004Sep/0039.html

  10. Anonymous says:

    And some provoking never hurt anyone ;)

    I was totally exaggurating to get an answer.

    ANY answer.

    A blog is supposed to work 2 ways ya know, all this seems to be 1 way, from them -> to us.

  11. Anonymous says:

    Sorry, I’d love to answer some of those questions. But to quote Dean’s post on "what we talk about on IEBlog"

    "…as much as we’d like to be “transparent” about what to expect when, we’re a publicly traded company and we have to abide by larger communication and announcement guidelines. After a feature is public, we will go into depth on it…"

    http://blogs.msdn.com/ie/archive/2004/07/22/192138.aspx

    We do really appreciate the constructive feedback and it’s definitely impacting our plans. And we’d all really like to have more of a 2 way conversation in this blog. It just can’t be about "what to expect when", at least not now.

    Thanks

    Bruce

  12. Anonymous says:

    OK, I respect that.

    Thank you for replying =)

  13. Anonymous says:

    Das Boot,

    Actually Microsoft is doing the blog thing to show people that they themselves have ‘community’ much like the open source community. But this is sort of a forced thing and you only see Microsoft devs posting.

    Microsoft seems to think that propaganda is the same thing as community. I mean come on, who are you guys trying to fool? We’re developers not third grade retards.

    And as all IT people know, never trust the used car salesman when he tells you how great his product is. Neither trust reports paid for by the used car salesman… heh.

    The one thing they don’t seem to get is that regardless of lock-in, people want a BETTER product and they want that product on their terms… not the companies terms. Microsoft still thinks that they can dictate terms to everyone (Sender-ID anyone?) and as a result they just end up pissing off more and more people. This is why Mozilla/Firefox stats continue to climb. That and they make a damn good product that isn’t tied into my system.

    If you don’t give people what they want (and they want it bad enough), you will drive them into the arms of competitors. And what people want right now is freedom.

  14. Anonymous says:

    What about Windows 2000?

  15. Anonymous says:

    Bruce, you have to be kidding! This article started out saying:

    "With XPSP2 out the door, we’re turning our attention to bringing our latest security enhancements to upcoming Windows releases. Next up: Windows Server 2003 SP1 and Windows XP 64-bit edition v2003, which are both currently in Beta. Both these platforms will receive the same treatment as XPSP2 did for IE: they’ll get all our security improvements, the pop-up blocker, the information bar, etc."

    You’ve already told us all about what’s happening next… dodging the issue now by saying "well we can’t talk about the future" is dishonest. You can obviously talk about the future, but choose to do so only when it suits you.

    So you have told us that the improvements will make it into Internet Explorer on newer versions of Windows, but when we all ask about older versions of Windows, you suddenly clam up? I take it that your dodging of the issue is an impolite way of saying that Windows 2000 users won’t get these security issues fixed?

  16. Anonymous says:

    I don’t think we said can’t talk about the future, per se. Clearly this post talks about the future, and we’re going to be doing more and more of that here on the IEBlog.

    See http://www.eweek.com/article2/0,1759,1612948,00.asp for an article on the Win2K subject.

  17. Anonymous says:

    Here’s another eWeek article on the same subject. You’ll note that some people interviewed want an update for Win2K while some people do not.

    http://www.eweek.com/article2/0,1759,1617543,00.asp?rsDis=XP_Service_Pack_2_to_Skip_Older_Windows,_for_Now-Page001-130287

  18. Anonymous says:

    By referencing that article, you’re supporting Charles Reid’s opinion: "If customers want more secure systems, then upgrade". You might as well say: "Our previous operating systems are really insecure, and if you want a secure operating system you should upgrade to our latest one. It’s also insecure, but with this cool new Service Pack it’s much better." You’ve got to be kidding. It’s like a person who buys a car with faulty brakes and when asking to have the brakes repaired by the manufacturer gets the response: "Oh, you should buy our newer car. Its brakes are also faulty, but we’ve done a recall and made some other neato improvements."

    Not everyone wants to buy your new product, especially if the old product was broken from the start.

  19. Anonymous says:

    Are people in Microsoft dumb, or what?! I won’t buy a whole new OS only to upgrade my browser!

    Well, I don’t have to, because the newest versions of standard compliant browsers (Mozilla, Opera) work perfectly and the same on Windows 98, Windows 2000, Windows XP, Linux, BeOS, MacOS, Linux etc etc…

  20. Anonymous says:

    Indeed as soon as Redmond descides it’s over voor 9x W2K i’ll rip the browser out of the OS. I use Firefox most of the time anyways. Just my family who only uses IE.

  21. Anonymous says:

    MS is graet! Im indian ,too. Were can I applie?

  22. Anonymous says:

    What if I want a secure client OS and proper raw sockets?

    OS X?

  23. Anonymous says:

    Proper PNG support would be nice too, but hey, the PNG specs only date back to 1998, so you cannot expect a 20,000-developer company to implement them before 2004…

    Face it, IE just sucks on every aspect compared to about every browser around, from Netscape 4 upwards. MS put in a lot of effort between IE4 and IE6, just to make sure they could crush Netscape 4 (which they did, and rightfully so), but after they had capured 99% of the browser market there was no reason to update it anymore, except when somebody made public some security hole in it (most these holes probably already being known by MS).

    It’s just a pity that most computer users are conditioned to click the blue ‘e’ icon, and every PC vendor that wants to stay certified to sell Windows on their systems is forced not to install alternative products.

    Thanks for that…

    d-range

    PS: I might be an OSS zealot myself, but that doesn’t mean that the above does not apply to the average Joe user…

  24. Anonymous says:

    > So you have told us that the improvements will make it into Internet Explorer on newer versions of Windows, but when we all ask about older versions of Windows, you suddenly clam up? I take it that your dodging of the issue is an impolite way of saying that Windows 2000 users won’t get these security issues fixed?

    I guess it *was* your impolite way of saying that Windows 2000 users are left high and dry.

    http://news.com.com/Microsoft+to+secure+IE+for+XP+only/2100-1032_3-5378366.html

    "We do not have plans to deliver Windows XP SP2 enhancements for Windows 2000 or other older versions of Windows," the company said in a statement.

    I guess you can tell the mainstream press this when you are spinning it as a reason to pay money for an upgrade, but when it comes to actually informing the developers who have to support users on older systems who ask you specifically, you dodge the issue, right?

    > We do really appreciate the constructive feedback and it’s definitely impacting our plans. And we’d all really like to have more of a 2 way conversation in this blog.

    That sounds pretty dishonest right about now.

  25. Anonymous says:

    Does that mean we have to upgrade?

  26. Anonymous says:

    Autoversicherung,

    No it means you have to switch ..

    http://www.mozilla.org/products/firefox/

  27. Anonymous says:

    Wow, guys, calm down. Why do you still care about what happens with IE? Just download Firefox and be done with it.

    If the IE team manages to come up with a worthy IE7, then you can always switch back, but in the meantime there are better browsers and better things to do than worry about what bugfixes will be released for IE.

  28. Anonymous says:

    I would like to know why the IE team just doesn’t sh*t-can ActiveX in IE? I mean you have all these security issues with it creating an unsafe HTTP client and it encourages people to produce non W3C compliant web pages all for the sake of having the “competitive advantage”.

    The WWW means just that: world-wide not Microsoft-wide web! Is there something in the Microsoft working sphere that mandates you guys can’t cooperate with existing open standards for the benefit of everyone in a (open) public arena in lieu of just Microsoft?

  29. Anonymous says:

    This is the very first time that I regret the IE integration with the OS a lot. We have considered using XPSP2, but after a short test the system came unstable, and as likely known on beforehand some applications stopped working. Those are not minor applications, so we cannot install XPSP2. However, we’d like to use the new Internet Explorer. But that’s not possible, or is it?

  30. Anonymous says:

    yo_tuco, there are tons of Web pages with ActiveX built into them. Until that changes, or the Internet totally collapses, expect Microsoft to support ActiveX in IE.

  31. Anonymous says:

    What about Windows 2000? Will that get the Internet Explorer update?

  32. Anonymous says:

    What about Windows 2000 and 9x?

  33. Anonymous says:

    Oops, Jim, you’re thinking what I’m thinking…