Prepare for Internet Explorer 7

Though significantly more secure, IE 7 has a tendency to choke on some Web apps

After one of the most widely tested beta products in Microsoft's history and trial downloads by millions of users, Internet Explorer 7 Version 1.0 is finally ready. The tentative release date is Oct. 18, followed by Windows Update and Automatic Updates availability on Nov. 2.

So come that day, IE 7 will start appearing in a large percentage of the world's auto-patching inboxes. Although users and administrators will not be forced to install it (there are several ways to avoid installing it), my guess is that most users will. Is your company ready?

One potential problem is that, whereas many applications and software products will not support IE 7, many corporate applications demand it. Now, I often use various Internet browsers, including Firefox (Version 2.0 should be coming to final release soon), Konqueror, Opera, and Lynx. My friends have been showing me some other very cool browsers with features I wish IE 7 had. But it's not feasible to abandon IE entirely.

Truth be told, however, I love IE 7, and not for the tabbed browsing. I don't get the excitement over that feature. Contrary to popular belief, opening multiple copies of IE 6 wasn't any harder than opening up multiple tabs.

I'm not even in love with the new IE 7 interface. I can't believe it hasn't been significantly improved between the first available betas and the final release candidates. Microsoft is trying so hard to present a cleaner interface that it's forcing users to manually add options and icons that should be on the default menu bars.

No, what I love is its increased security. IE 7 has dozens of new features, but here is a summary list of the most significant security features (not including Protected Mode available only in the Vista version):

-- Anti-phishing filter (ranked best-in-class by several reviewers)

-- Improved digital certificate handling (more in-your-face about problems)

-- Better encryption support (TLS turned on by default; large cipher support)

-- Improved URL handling protections

-- Improved XSS (cross site scripting) protections

-- Improved add-on management

-- Safer ActiveX control handling

-- Improved pop-up blocking

-- Privacy improvements

-- Support for international domain names (used in a Firefox exploit in 2005)

-- New RSS feeds (running in the restricted sites zone)

-- Larger minimum window sizes and other fixes to prevent malicious tricks

-- One-click Fix My Settings feature

-- Single-click browser-content cache deletion

-- Improved parental controls

-- More than a dozen other new security options

Last year, I didn't give IE 7 much hope to slow down the browser hacking rate. At the time it seemed every new exploit announced against IE 6 also worked against IE 7. That has changed the past few months. In fact, only two of the past 10 IE exploits worked against IE 7 -- none in Vista Protected Mode. So although IE hacking won't go away, it should slow down.

Given the security enhancements in IE 7, it's unfortunate that many applications will not support it. In my testing, about 20 percent of all Web-based apps sputtered on it. Just today, I ran into three: a medical billing application, a popular penetration testing software, and a Web site using an SSL VPN. I get the feeling that most would support IE 7 but barf -- that's a technical word -- just because the version number isn't identified as IE 5 or 6. Others will, too, such as those containing strangely coded JavaScript buttons, cross-domain Windows, and other insecure coding techniques no longer supported by IE 7.

Unless you run IE 6 in a virtual machine session (or follow one of the dubious Internet hacks), you cannot run IE 6 and 7 at the same time. Alas, many users and administrators will install IE 7 first, before testing, only to find out that one or more applications don't work with Microsoft's latest browser version.

Fortunately, uninstalling IE 7 at the desktop level is pretty easy. Just go to the Add/Remove Programs Control Panel applet and choose the Remove button to the right of Windows Internet Explorer 7. After an uninstall and reboot, the computer should have the previous version running. I've done this many times and never had a problem, although I'm sure it will hiccup on some small percentage of folks.

I'm not sure if I can blame Microsoft for breaking so many applications in the pursuit of better security. The beta versions of the software have been available for nearly a year. If I've been able to test all my applications by now, certainly your vendor should have been able.

If your application doesn't work with IE 7, you can always stick with IE 6, or use another browser, if the application supports it. I'd recommend that you quickly test all your applications and needed Web sites for IE 7 compatibility and request IE 7 compatibility if it isn't already supported. I suspect come Nov. 2, we'll all be reading about some unhappily surprised end-users. Make sure your company is prepared.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies