Bolstering Protected Mode

Internet Explorer 7 introduced Protected Mode, a defense-in-depth security feature which relied upon the Windows Vista Integrity Levels (IL) system to mitigate drive-by attacks against the browser. Internet Explorer 10 introduced a stronger version of that feature, called Enhanced Protected Mode (EPM), which goes beyond the legacy IL system and provides isolation using the Windows…

0

Internet Explorer 11 and Perfect-Forward-Secrecy

In case you missed it, the recent Windows 8.1 Update update adds four new ciphersuites (including two supported by Chrome32) and changes the ciphersuite order to prefer algorithms that offer Perfect-Forward-Secrecy. You can read more about this update here. Wikipedia has a nice article on PFS, but the short summary is as follows: When your…

4

Awesome IE11 News, in case you missed it

Big news from the //build conference this week: 1. The IE team has announced a feature-implementation tracking site, which you can find at http://status.modern.ie/. This site shows what IE supports (and when it supported it) and provides a look at what to expect in future versions of Internet Explorer. It also provides links to relevant…

1

Strict P3P Validation

Internet Explorer offers users many tools to help protect their privacy, including InPrivate Browsing, cookie controls (including P3P), and Tracking Protection Lists. In February of 2012, the IE team described how a misleading P3P statement was being used to circumvent users’ privacy settings. Default P3P Restrictions Internet Explorer’s default settings restrict the use of 3rd…

3

IE11 Changes

In the past, I’ve published “Minor changes” lists for IE9 and IE10. The goal of those lists was to briefly document changes that might not be recorded elsewhere. This time around, I’m aiming to provide broader coverage of changes in IE11, including major new features and APIs. While this won’t be the best place to…

20

Internet Explorer 11’s Many User-Agent Strings

If you found this post, chances are good that you’re searching for IE11’s User-Agent string. Why? Were you planning to control your website’s behavior based on the browser “sniffed” from the User-Agent (UA) string? Please don’t; use feature detection instead (Ref1, Ref2). Poorly implemented (non-futureproof) User-Agent sniffing has proven to be the top compatibility problem…

39

History and the TravelLog

Internet Explorer keeps track of your browsing history in two ways. The active tab’s list of the back/forward navigations is called the TravelLog. You can see this list with a click-and-hold on the back or forward arrow: The list of pages you’ve visited across all browser sessions is called History. You can see it by…

0

Fun with Favicons

Last week, Ray Sun wrote a short post about the origins of the Favicon, the little “site icon” you see on the tab when you visit a website in any major desktop browser. The cool thing about using the .ICO format as the basis of Favicons is that it is a container format that can…

11

IE9 RC Minor Changes List

Back in September, I published a list of minor changes in IE9 Beta. In today’s post, I will provide an updated list of things that have changed in the IE9 Release candidate. Note: This list also includes a few changes that were present in Beta that I didn’t mention at that time. Of course, because…

44

Why Won’t IE Remember My Login Info?

Over on the Microsoft Answers forum, some folks have reported that Internet Explorer doesn’t remember their login details. This is a tricky problem to troubleshoot because there are a number of different problems which get lumped together under this description, and there are a number of different causes for each problem. Let’s break down the…

102