Microsoft Ships Internet Explorer 7.0

Late yesterday, Microsoft shipped the final version of Microsoft Internet Explorer (IE) 7.0 for 32-bit and 64-bit versions of Windows Server 2003 and Windows XP. IE 7.0 offers many functional and security improvements and puts Microsoft's browser nearly at feature parity with its main competitor, Mozilla Firefox.

IE 7.0's new features include tabbed browsing, integrated search, RSS support, and major display and printing enhancements. On the security front, IE 7.0 offers improvements such as an integrated phishing filter and better defenses against malicious ActiveX controls.

In a recent briefing, Microsoft director of IE product management Gary Schare told me that IE 7.0 had been honed over a steady series of public beta releases and that very little has changed since the last prerelease build, dubbed Release Candidate 1 (RC1). "Since RC1, we only changed one major functional area," Schare said. "We decided to migrate the browser's search-provider settings during upgrades." In response to concerns from Google and Yahoo!, Microsoft will provide customers who upgrade IE with a screen that displays their current search provider and lets them accept or change it.

Schare also highlighted a recent report from technical services firm 3Sharp that concluded that IE 7.0's phishing filter offers the best overall accuracy of any antiphishing solution. He also noted that a few Web-site compatibility problems are no longer "hugely problematic," though some users might temporarily encounter incompatible sites. Given the expected upgrade rate, these problems are likely to be resolved quickly.

Finally, Schare reiterated Microsoft's plans for distributing IE 7.0. Microsoft will release the new browser as a high-priority update through Automatic Updates in about three weeks. However, IE 7.0 will be distributed over time, so it could take two or three months for IE 7.0 to be distributed to all Automatic Update users. Unlike other high-priority updates, IE 7.0 won't be installed automatically. Instead, users will see an advertisement for the browser and choose whether to install it. There's no default choice, Schare said, so users won't run into a situation where IE 7.0 is installed by mistake. Corporations that want to prevent users from accepting the upgrade can download a free nonexpiring blocker tool from the Microsoft Web site.

Apple Blasted for Cheeky iPod Warning

A day after Apple Computer posted a grammatically and politically dubious statement on its Web site complaining about a Windows virus that made its way onto a small number of iPods, Microsoft and security experts responded with some common-sense observations.

Microsoft software engineer Jonathan Poon, responsible for ensuring that Microsoft products don't ship to the public with any malware, says Apple was wrong to blame Windows and, implicitly, Microsoft for its own quality-control problems.

"It's not a matter of which platform that the virus originated \[on\]," Poon wrote in his personal blog. "The fact that it's found on the portable player means that there's an issue with how the quality checks, specifically the content check, was done. This also indicates that through the manufacturing cycle, the base device from which the image was duplicated to the other devices in the manufacturing run, was connected to a PC that most probably did not have, and I quote their press release, 'up to date antivirus software which is included with most Windows computers'."

Poon compared Apple's curiously childish public pronouncements about this concern with a similar event that occurred this week at McDonald's restaurants in Japan. "McDonald's in Japan encountered a similar incident just a few days earlier as well," he wrote. "Indeed, they published a press release, apologized for it, and did not insinuate that Windows was the cause of their issue. Furthermore, they provided a very specific fix to their issue, compared to a general set of linkages to trial and/or free versions of anti-virus scanners."

Others were even less impressed by Apple's tactics. Randy Abrams, director of technical education at ESET, a global provider of security software for enterprises and consumers, wrote in his own blog that the contrast between the Apple and McDonald's incidents is even more embarrassing to Apple that it would seem at first. "Apple doesn't seem to get it," he wrote. "It isn't that there was a virus on the iPods, the issue is that they did not know what they were releasing. I don't expect McDonald's to understand technology, but Apple should."

"McDonald's did the responsible thing and accepted responsibility," Abrams continues. "Apple tried to deflect blame by pointing fingers at Microsoft ... \[This is\] a complete lack of security in a manufacturing environment. Manufacturing completely failed to institute basic quality assurance and moderate quality control. But hey, why waste an opportunity to blame Microsoft for content on an iPod?"