Microsoft Corp. last week released a new build of the Internet Explorer 4.0 beta to private testers, only to be hit with reports of more bugs and security breaches in other areas.
The new build addresses some concerns from the first beta, including printing problems and sluggish installation and setup. It also adds some of the push functions that Microsoft has been touting.
The first private beta required users to download and install IE 4.0 directly from the server, a procedure about which beta testers complained loudly. Changes to the ActiveSetup system now let users simply download the compressed files and install IE 4.0 later.
"The deferred installation is a lot more convenient," said a beta tester, who requested anonymity. "And the download seems a lot smoother."
The new build also fixed recently reported bugs that let malicious HTML links launch applications on a remote desktop. IE 4.0's Outlook Express, the new Mail and News client, was susceptible to these bugs because it lets users send HTML pages as mail messages.
Meanwhile, another round of bugs was uncovered that could pose threats to users of Internet Explorer and other Microsoft Internet and networking products.
One recently discovered hole in Internet Explorer makes it possible for hackers to get users' log-in passwords over the Internet, according to Computer and Network Security researchers at www.security.org.il. Microsoft, of Redmond, Wash., had not responded with a patch for the hole by late last week.
Microsoft last week also posted a fix for a bug in the FrontPage Server Extensions that could have let people viewing a Web page add content to the page by editing the HTML.
Users also reported a problem with Macromedia Inc.'s Shockwave plug-in that allowed a Web server to read files on clients using various E-mail packages. Macromedia officials said users can download a fixed version of Shockwave 5.0 from the Macromedia Web site.
On the positive side for IE 4.0, a group of ISVs last week threw support behind the new Dynamic HTML technology that will be built into the browser.
Borland International Inc., the Powersoft division of Sybase Inc. and Macromedia each announced that its development and authoring tools would support the new object model for HTML.
Additional reporting by Jim Rapoza
More bugs explored in Internet Explorer 4.0 |
Bug
|
Status
|
Outlook Express susceptible to HTML application-launching bug
|
Fixed in beta
|
Shockwave control lets users read E-mail
|
Update posted by Macromedia
|
FrontPage Server Extensions let people add content to a page
|
Microsoft patch posted
|
Samba SMB server can reveal passwords of Explorer users
|
Patch pending
|