Security bug reports are flawed, Microsoft says. But there are compatibility woes as company servers buckle.
A day after its release, some minor issues with Internet Explorer 7 have materialized, but overall the new Microsoft browser appears to be well received.
Microsoft has defused what would be the most serious issue: a first security hole in the browser since . There is a vulnerability, but in Outlook Express, not IE, Christopher Budd, a Microsoft security response representative, wrote on a corporate Microsoft blog Thursday. Security firms, including Secunia, had reported a flaw in IE 7.
Web browsers, including IE 7, can be used as the vector in an attack that exploits the Outlook Express flaw, Budd wrote. Microsoft is investigating the issue and may issue a fix at a later date, he wrote. The problem has not yet been used in active attacks, the software maker said.
IE 7 users are reporting problems with some Web sites that won't display or display incorrectly. Some of these sites use technology from Autodesk that doesn't work with the new browser and causes errors, people report in the Autodesk support forum.
"Our homepage does not run with IE 7," one Autodesk customer writes. "I am looking forward to a fix either from Microsoft or from Autodesk. We rely on DWF and HTTP. Therefore a solution is needed for sure." DWF viewer is an Autodesk tool for viewing and printing 2D and 3D designs in the Autodesk Design Web Format.
Autodesk plans to include IE 7 support in the next major release of DWF viewer, Scott Sheppard, an Autodesk employee, wrote in the support forum. "In the mean time?our customers need to be prepared to disable the automatic update of IE7 which is scheduled for October," Sheppard wrote. Microsoft, however, said the automatic update is planned for November.
Microsoft has warned of compatibility issues and prior to the final versions so Web administrators and software companies could prepare, a company representative said in an e-mail.
"Microsoft has released six beta versions of the product along with extensive guidance on how to get compatible with the new version," the representative said. "We've seen incredible support?and believe that our customers should upgrade with confidence that the majority of the sites and applications will work."
Aside from the vulnerability report, there was another security alarm. At least one person reported that the IE 7 download page was infected with a virus. Microsoft investigated the claim, but found that it was the result of a "false positive" by the AVAST anti-virus scanner. "A thorough analysis of our site has shown that the page is not infected by the VBS:ZULU virus or any other malicious code," a Microsoft representative said.
Perhaps the most significant problem is the apparent popularity of IE 7. Microsoft's servers are buckling under the number of downloads and new installations of the program. As a result, some people who install IE 7 get an error when viewing the IE 7 start page after firing up the browser for the first time.
"We?re seeing such an incredible response to IE 7, that the 'runonce' page is being overloaded at times," the Microsoft representative said. "Microsoft is currently adding server capacity. We expect the majority of people who are downloading IE 7 to have a seamless experience, but will continue to monitor and adjust our capacity as needed."
IE 7 is the in five years. The update includes many features, such as tabbed browsing and RSS support, already found in competing software, and Opera.
Security was the No. 1 investment for the update, Microsoft has said. Critics have likened predecessor IE 6 to "Swiss cheese" because of the many security vulnerabilities in it. Microsoft plans to via Automatic Updates in Windows XP in November.