Slashdot Mirror

← Back to Stories (view on slashdot.org)

IE7 Bug Reports Flooding In

Posted by Zonk on from the experience-them-now-avoid-the-rush dept.

the JoshMeister writes "According to ZDNet, bug reports are already flooding in for Microsoft's new Internet Explorer 7 Beta 2 Preview. Specific issues include the possibility of arbitrary code execution as well as incompatibilities with McAfee Security Center, anti-spyware programs, and online banking sites." From the article: "... browser testers may already be at risk, according to security researcher Tom Ferris. Late Tuesday, Ferris released details of a potential security flaw in IE 7. An attacker could exploit the flaw by crafting a special Web page that could be used to crash the browser or gain complete control of a vulnerable system, Ferris said in an advisory on his Web site. Microsoft had no immediate comment on Ferris' alert."

14 of 259 comments (clear)

  1. Duh! by sparkydevil · · Score: 5, Insightful

    Of course it's got bugs -- it's a beta!

    1. Re:Duh! by Junior+J.+Junior+III · · Score: 4, Insightful

      That's what I was going to say, bug reports flooding in are a sign of a successful beta test. I wonder how many of them Microsoft will actually be fixing, though... that's kindof the whole point of it all.

      --
      You see? You see? Your stupid minds! Stupid! Stupid!
  2. Wow by saboola · · Score: 4, Funny

    A beta of a Microsoft product has bugs? Color me surprised!

  3. good! by steve.m · · Score: 4, Insightful

    sounds like a productive beta test. end users finding lots of bugs.

    (anyone who would use it - or anything else beta - in a production environment is insane)

  4. This a good thing by Beelub · · Score: 5, Insightful
    Getting bug reports on beta software is good. That's why it's released as beta.

    Why is this front page, unless it's just the usual knee-jerk, let's-find-something-bad-to-say-about-Microsoft thing that makes Slashdot less than useful for info about anything about Microsoft.

    Yeesh.

    1. Re:This a good thing by 99BottlesOfBeerInMyF · · Score: 4, Insightful

      Why is this front page

      This is on the front page for a number of reasons. First, it is somewhat indicative of the quality of the new software MS is planning to release. Yes, betas will have bugs, but no comment has been made about the remote exploit from MS, nor about the myriad failures to implement CSS properly. The number of bugs found in such a small time, is a meaningful metric and of interest to people here. It indicates to many of us, that the final version is still unlikely to properly implement the spec and that whatever new security practices MS is employing are probably not working to stop vulnerabilities. (Gee, big surprise.) The number of incompatibilities with current banking and other Websites is a useful indication to how much work the Web designers among us are likely to have ahead of us.

      Second, because of the design of Windows and IE you can either install this beta for testing, or you can install the current IE, but not both. This means a number of people will install the beta, but end up also using it as an everyday browser, since they don't want to be constantly installing and uninstalling it for testing. Thus, security concerns with this beta may actually be a real concern. Those among us working to secure networks may want to account for this by restricting use of this browser for the time being.

      Finally, the number of bug reports is a useful metric for gauging interest in the product, which is also of concern to people here.

  5. Story is inaccurate... by Manip · · Score: 5, Interesting

    Calling Tom Ferris a "Security Researcher" is like calling Bill Gates a programmer... He is more a 'Robert Scoble' character. And his discovery of arbitrary code execution is incorrect as per the link: http://blogs.msdn.com/ie/archive/2006/02/01/522682 .aspx

    The guy is not a professional anything, I mean he lists workarounds as 'Firefox'; which just shows how little he understands the security field which he claims to work in (A workaround should be a way to fix or bypass the bug, not a blind pointer at some random other product, even the Linux Security guys know that).

  6. Bug identification & research for a beta relea by digitaldc · · Score: 4, Funny

    Look at the bright side, now we know what Ferris does on his days off.

    --
    He who knows best knows how little he knows. - Thomas Jefferson
  7. It's.. Beta? by PhrostyMcByte · · Score: 4, Insightful

    How is this news? Betas are there for finding bugs. If you don't want to risk more than the usual, how about just not using it?

    The past builds were also riddled with bugs, and the IE developers are very involved with testers to fix them. It's not like they're just sitting with their hands over their ears yelling "LA LA LA LA I can't hear you!"

  8. More annoying than the bugs.. by chou+oishii · · Score: 5, Interesting

    ..are the way it: a) Requires you to validate windows to install, b) Requires a reboot, and c) Actually attempts to pass off things like tabbed browsing and a search bar as innovative (really, take a look at the "demo" they bring you to when you first install it).

    I'm not asking them to spend money advertising the fact that they're way behind the curve on browsers, just to stop lying to me.

  9. So let me get this straight .... by Brian+McCoy · · Score: 4, Informative

    people are claiming that a Preview Release ,not even a full beta yet, has bugs? Just wondering what these industry leading geniuses thought they were getting with a preview release? I have been using IE7 for a couple months now, my work provides me with a Technet Plus subscription, and I have had some issues. In most, if not all cases, I have been able to work around them and still rely heavily on Firefox. I will say that Microsoft has finally added some much needed functionality to their browser such as tabbed browsing and keyboard shortcuts which are exactly the same as Firefox's (coincidence, I think not). I guess my point is it's a preview release, it's not perfect and it has bugs, by using beta software you are agreeing to help solve some of the problems before final release, and there will be problems. Just my two cents worth.

    --
    You must learn to be still in the midst of activity and to be vibrantly alive in repose. -Indira Gandhi
  10. Treat IE 7 as IE 6? by Pascal+Sartoretti · · Score: 5, Interesting

    The problem for Microsoft is that many web applications use the following logic:

    if (browser is Internet Explorer) then

    emit HTML code that works around the numerous rendering bugs of IE

    else (Mozilla, Netscape, Opera)

    emit standards-compliant HTML code
    With this kind of (flawed) logic, IE 7 will often be identified as IE, and hence be provided with IE 6-specific HTML code, whereas it should have been sent "correct" HTML code. The result may be, well, interesting :-)

    I really don't see what Microsoft can do against this. They can't expect millions of web sites to be updated overnight just to support IE 7.

    1. Re:Treat IE 7 as IE 6? by kawika · · Score: 4, Insightful

      Don't let Microsoft off the hook that easily. Most of the problems I've seen with this IE7 beta aren't the "we messed up the implementation" variety. They are the "we still don't support all of CSS" variety.

      Microsoft has eliminated several bugs that made it easy to identify IE6 and apply hacks to the CSS. For example, the "* html" selector let you apply CSS rules just for IE because it's ignored by standards-compliant browsers. Now IE7 ignores that too. However, the need for hacks is still there. IE7 still does not implement several important CSS features that necessitated the hacks in the first place, such as min-height.

      If Microsoft were to decide that this beta was "close enough" or even if it fixes just the minimum number of things to keep major sites from breaking, that's not going to help. Designers will end up needing an entirely different set of hacks to make up for the fact that IE7 is *still* not a complete CSS2 implementation.

  11. Re:Ahh... what a relief... by Kirsha · · Score: 4, Funny

    Yes, specially since Firefox never had any bugs!

    Right?