June 29, 2006 8:30 AM PDT

Microsoft releases final IE 7 beta

A new Internet Explorer beta shows that Microsoft is trying to put its browser security woes behind it.

The software maker released the third and last beta version of IE 7 on Thursday, getting closer to final delivery by the end of 2006. That will be the first major update to the popular Web browser in five years, and much of the focus for the new version is on security.

"Security was the No. 1 investment we made in IE 7, in terms of our development resources," Tony Chor, Microsoft's group program manager for the browser, said in an interview.

Critics have likened IE 6 to "Swiss cheese" because of the many security vulnerabilities in it. These flaws have been exploited in cyberattacks to drop malicious code onto people's PCs and commandeer their Windows systems, often turning them into remote-controlled "zombies" used to send spam and launch attacks on Web sites.

Microsoft left the browser relatively unchanged after the 2001 launch of IE 6 and even reassigned IE developers to work on other projects. But with IE users under attack and increased competition in the browser space, largely from Mozilla's Firefox, the company restarted its efforts and introduced IE 7 at a major security show last year.

"We did not spend a lot of time working on the IE browser for a few years," Chor said. "The increase in security attacks and the threat that our users were under really necessitated a reinvestment in IE...primarily around security."

The IE 7 beta 3 makes some feature changes from the beta 2. The new version also provides reliability, compatibility and security fixes--more than 1,000 bugs have been dealt with in total, according to Microsoft.

Fixing bugs found in the beta process is one of the ways Microsoft looks to improve browser security. Its two main methods of securing the browser are reinforcing the core of the IE application and adding features meant to help the user stay safe online, Chor said.

On the core side, IE 7 is built in large part on the same underpinnings as IE 6. There are parts of the browser it has rewritten from scratch, primarily for security reasons, Chor said. For example, earlier versions of IE had 14 different routines, or code sections, used to handle Web addresses. This resulted in security flaws, he said.

IE 7 features

"In IE 7, we have exactly one routine. We get consistent results and a consistent security evaluation," he said. "There are other places where we have rewritten code or just removed code. With all those things, we reduce the surface area of IE to attack."

Despite the effort, some recent flaws that hit IE 6 also affected early releases of IE 7, leading some to question the security level of the new browser.

"It appears that Microsoft has put a few security features in IE 7, but the core of the Web browser, I am sure, will have just as many flaws as IE 6 has," said Tom Ferris, a security researcher who earlier this year found a bug in an IE 7 preview release.

Chor said Microsoft tries to think of all possible attack possibilities and thwart those when building the product. Also, he said, in many cases, Microsoft was hot on the tail of the problem, and had actually discovered the bug and fixed it in later builds of the browser.

"Of course we'd like to ship a product that is not affected by any vulnerabilities, but that's probably a lofty goal. I think it would be unrealistic to believe that any product would be 100 percent secure," Chor said.

CONTINUED: New security features…
Page 1 | 2

See more CNET content tagged:
Microsoft Internet Explorer 7, Microsoft Internet Explorer, Microsoft Internet Explorer 6, beta, security

20 comments

Join the conversation!
Add your comment
IE7 = HIGH IMPACT RATING?
Really.
Maybe to the success of Microsoft, but to the rest of the world..."yawn".

Is it really a big deal anymore about MS-IE whatever? The Internet is the great democracy & with so many other browsers & ways to access the Internet WITHOUT using Microsoft OR IE whatever, why is this news?

This should just be on the MS Blog, not the main news page with a HIGH IMAPCT!!! announcement & rating C|NET.

Windoze Browser...zzzzzzzzzzzzzz.
Posted by Llib Setag (951 comments )
Reply Link Flag
High Impact - to CNET's wallet.
Isn't it just amazing how fast a company is willing to talk everyone to death about a particular product... especially when that product is from a company *known* for their agressive marketing tactics (such as paying sites like this to talk us to death about every single move regarding IE)?

CNET - the cracks in your article/advertisement theory are starting to show; I for one suggest you start to change more than just your site design if you are actually interested in keeping your readership.
Posted by Cash_Coleman (6 comments )
Link Flag
Final Beta
This better be good because they're already losing tons of surfers to Firefox.
<a class="jive-link-external" href="http://www.techknowcafe.com/content/view/554/42/" target="_newWindow">http://www.techknowcafe.com/content/view/554/42/</a>
Posted by mystereojones (46 comments )
Reply Link Flag
beta
I refuse to use I.E. Firefox is my default browser.
Posted by paulsecic (298 comments )
Link Flag
Are there still browser wars?
Microsoft has also lost tons of Notepad users to TextPad. Tons of Paint users have jumped ship to Photoshop, Paint Shop Pro, etc. Does it even matter?

BTW, what's with the random link at the bottom of your posts?
Posted by news_reader (32 comments )
Link Flag
One more uselss MS product.....
... but it does keep Ballmer happy.

And someday, I might care.... someday....
Posted by Earl Benser (4310 comments )
Reply Link Flag
How can u claim that it is useless
How can claim that it is useless!!
Have you used it?
It will be more usefull if you make statements that are not prejudiced!!!
Posted by Tanjore (322 comments )
Link Flag
Have u installed it and used it?
Have you installed IE7 and used it. Are you making your statements because you are rejudiced against IE7 because it is a microsoft product?
Posted by Tanjore (322 comments )
Link Flag
But Earl...
I thought you didn't insult products that you haven't used. I used IE 7 today. Have you?

As for caring, you will when Steve drops Mac OS for Windows.
Posted by Andrew J Glina (1673 comments )
Link Flag
High impact
Well, this is High Impact. IE still has about 80% of the market, and as such this becomes high impact. I use FireFox, which is growing in popularity quite quickly, but IE is still much bigger
Posted by sidewinder (41 comments )
Reply Link Flag
The big question
The main question is when IE 7 finally hits, well Microsoft update, will enough people move back to IE 7 to make it worth Microsoft's time?

Somehow I doubt it.
Posted by Lex Man (33 comments )
Reply Link Flag
but still...
It is IE is the most popular browser and more poeple use IE than all other browsers combined! I know this is because it comes default with windows, but then, if it was a really horrible browser, people would have shifted to other browsers in great numbers.

I have come across a lot of websites which are designed specifically for IE and they don't work in other browsers... read this story for example <a class="jive-link-external" href="http://news.bbc.co.uk/2/hi/technology/4115806.stm" target="_newWindow">http://news.bbc.co.uk/2/hi/technology/4115806.stm</a> There are much fewer websites which work the other way round. With introduction of firefox, web designers have to put more code in their websites to make it work with both browsers.

Besides, firefox has a big problem rendering Indic fonts. Opera also suffers from the same problem.

With introduction of IE7, Microsoft has really narrowed the gap between IE and other browsers featurewise. The only concern now is security issues, which might be the only reason for people to switch to other browsers. BTW, I remember installing version 1.5.0.1 and after couple of days was asked to update it to 1.5.0.2 because of sucurity flaws... within weeks Firefox people released 1.5.0.3 to fix flaws in the previous one (<a class="jive-link-external" href="http://news.cbsi.com/Firefox+gets+a+fresh+security+update/2100-1002_3-6067889.html?tag=nl" target="_newWindow">http://news.cbsi.com/Firefox+gets+a+fresh+security+update/2100-1002_3-6067889.html?tag=nl</a>) and within a month they found "a dozen security vulnerabilities, five of which are deemed "critical."" with version 1.5.0.4 This is no different than Microsoft's IE.
Think about it...
Posted by ggupta7 (137 comments )
Reply Link Flag
Most popular?
Hardly

It is used the most because it is sitting in front of the countless clueless people using Dells.

The security in firefox is very, very different from IE. IE6 is extremely old, and new flaws are found almost daily. Firefox flaws are fixed in days and never exploited. IE flaws are found, and then it takes MS months to acknowlege it, and then months longer to release a half-assed fix(usually a workaround that can break with a future patch).

A rather big difference don't you think?
Posted by qwerty75 (1164 comments )
Link Flag
This story was first published on June 29.
Why is it news now? Or is anything that MS does, or doesn't do,
news - several times over?
Posted by Tui Pohutukawa (366 comments )
Reply Link Flag
Does anyone really care
MS left IE to rot for years and now that they have competition are releasing a copy-cat version. How is this important? MS is a follower and irrelevant.

Anyone who thinks that IE7 will come close to other browsers in terms of security, flexbility, standards complaince and performance are seriously deluding themselves.
Posted by qwerty75 (1164 comments )
Reply Link Flag
Mac OS
Sounds more like MacOS. Left to rot for years, and only brought back to life by borrowing from another OS.
Posted by Andrew J Glina (1673 comments )
Link Flag
Firefox
Firefox is more secure because it isn't part of the OS kernel. It is an application that sits on the kernel.

IT doesn't matter how secure they make IE, it is fundamentally flawed because IE is part of the Windows kernel, the heart of that operating system.

That means that there remains a path between hackers and your computer via the Internet. They may say it is secure, but the path exists, that is the problem that won't go away.
Posted by t8 (3716 comments )
Reply Link Flag
Firefox is more secure
Firefox is more secure because it isn't part of the OS kernel. It is an application that sits on the kernel.

IT doesn't matter how secure they make IE, it is fundamentally flawed because IE is part of the Windows kernel, the heart of that operating system.

That means that there remains a path between hackers and your computer via the Internet. They may say it is secure, but the path exists, that is the problem that won't go away.
Posted by t8 (3716 comments )
Reply Link Flag
IE 7 B3
I do not know anyone that has been able to install this.
Posted by nah40 (3 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.