Microsoft has urged people to update Internet Explorer after finding a major flaw. The browser's memory corruption vulnerability lets attackers remotely execute code as if they were the computer's.
-->Get the latest updates available for your computer's operating system, software, and hardware. We will scan your computer and provide you with a selection. Oct 11, 2017 HKEYLOCALMACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerMainFeatureControl Create a new key with the name FEATUREALLOWUSER32EXCEPTIONHANDLERHARDENING. Under the new key, add a new DWORD entry “iexplore.exe”. Set the DWORD value to 1. See Microsoft Security Bulletin MS15-135 for the.
Cumulative Security Update for Internet Explorer (2976627)
Published: August 12, 2014 | Updated: June 17, 2015
Version: 1.4
General Information
Executive Summary
This security update resolves one publicly disclosed and twenty-five privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
This security update is rated Critical for Internet Explorer 6 (IE 6), Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 6 (IE 6), Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers. For more information, see the Affected and Non-Affected Software section.
The security update addresses the vulnerabilities by modifying the way that Internet Explorer handles objects in memory, and by adding additional permission validations to Internet Explorer. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry later in this bulletin.
Recommendation. Most customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871. For customers who do not have automatic updating enabled, the steps in Turn automatic updating on or off can be used to enable automatic updating.
For enterprise installations, or administrators and end users who want to install this security update manually (including customers who have not enabled automatic updating), Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service. The updates are also available via the download links in the Affected Software table in this bulletin.
For additional guidance, see the Detection and Deployment Tools and Guidance section in this bulletin.
Knowledge Base Article
- Knowledge Base Article: 2976627
- File Information: Yes
- SHA1/SHA2 hashes: Yes
- Known issues: Yes
Affected and Non-Affected Software
The following software has been tested to determine which versions or editions are affected. Other versions or editions are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see Microsoft Support Lifecycle.
Affected Software
| Operating System | Component | Maximum Security Impact | Aggregate Severity Rating | Updates Replaced |
|---|---|---|---|---|
| **Internet Explorer 6** | ||||
| Windows Server 2003 Service Pack 2 | [Internet Explorer 6](http://www.microsoft.com/downloads/details.aspx?familyid=91d6b2ee-7db3-439c-af84-780c3cc3e1f6) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2003 x64 Edition Service Pack 2 | [Internet Explorer 6](http://www.microsoft.com/downloads/details.aspx?familyid=d1f0da02-6a0b-4386-ad37-be0240d79b60) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2003 with SP2 for Itanium-based Systems | [Internet Explorer 6](http://www.microsoft.com/downloads/details.aspx?familyid=86a7742e-f0d3-4074-beab-8c2e62b81132) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| **Internet Explorer 7** | ||||
| Windows Server 2003 Service Pack 2 | [Internet Explorer 7](http://www.microsoft.com/downloads/details.aspx?familyid=96bb226b-d5b9-426b-9e39-d8b9b4b468fc) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2003 x64 Edition Service Pack 2 | [Internet Explorer 7](http://www.microsoft.com/downloads/details.aspx?familyid=6ca0553b-830f-4de2-93dc-01830e0611fc) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2003 with SP2 for Itanium-based Systems | [Internet Explorer 7](http://www.microsoft.com/downloads/details.aspx?familyid=c1062b28-b4e3-43df-b6e5-09befab0c23b) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Vista Service Pack 2 | [Internet Explorer 7](http://www.microsoft.com/downloads/details.aspx?familyid=8cb40a91-f6dd-4c65-8072-a3c54c519105) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Vista x64 Edition Service Pack 2 | [Internet Explorer 7](http://www.microsoft.com/downloads/details.aspx?familyid=a9e64b8a-5b36-4bb5-bfe7-9ef393bec708) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | [Internet Explorer 7](http://www.microsoft.com/downloads/details.aspx?familyid=7f356c65-dace-47be-be99-d4d36b51ace8) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2008 for x64-based Systems Service Pack 2 | [Internet Explorer 7](http://www.microsoft.com/downloads/details.aspx?familyid=e3f93f55-5194-4395-ae57-52808a50a65d) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2008 for Itanium-based Systems Service Pack 2 | [Internet Explorer 7](http://www.microsoft.com/downloads/details.aspx?familyid=40533d91-831f-4b69-b644-ed21da2e0f3f) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| **Internet Explorer 8** | ||||
| Windows Server 2003 Service Pack 2 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=dc911cb6-43d1-4a3c-894f-6a1f44f138cf) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2003 x64 Edition Service Pack 2 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=ec53c4d4-d860-400e-bd7c-f9ef352f09b3) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Vista Service Pack 2 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=ef365b80-c35e-4c96-92d0-4f4d754f1f16) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Vista x64 Edition Service Pack 2 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=90cd28e6-23d3-4be2-b469-f3492c77eb98) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=0a83e3f5-4814-4729-a39b-3bc907af3c4e) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2008 for x64-based Systems Service Pack 2 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=217404ff-f086-455d-8674-299b0d4dac7a) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows 7 for 32-bit Systems Service Pack 1 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=c81583a4-dc99-4f24-aa5f-80c4ce71685f) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows 7 for x64-based Systems Service Pack 1 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=c6d94888-b029-4104-a1e0-a008963184fc) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=d76ab749-b625-4e3e-8372-69499f2f74b8) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=27c89527-4a68-4d46-a5f5-7efaa3589107) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| **Internet Explorer 9** | ||||
| Windows Vista Service Pack 2 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=18946114-b012-4cfc-aa18-02417d3854a8) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Vista x64 Edition Service Pack 2 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=32cd2e85-daf9-45fe-a041-f063a7922805) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=3c5e6a2d-bede-44df-8c79-a363fe38597f) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2008 for x64-based Systems Service Pack 2 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=239af24b-eed2-4b78-a0d2-1e31b27a703c) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows 7 for 32-bit Systems Service Pack 1 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=36e989cb-b57b-46b7-b465-644b6347eebc) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows 7 for x64-based Systems Service Pack 1 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=6588fa8f-6d40-4581-a64e-2eff784091ed) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=c1c87f1d-4572-4ce0-aca3-cf1e0520ba8b) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| **Internet Explorer 10** | ||||
| Windows 7 for 32-bit Systems Service Pack 1 | [Internet Explorer 10](http://www.microsoft.com/downloads/details.aspx?familyid=e9502fb8-063b-4877-a58f-10a4765542df) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows 7 for x64-based Systems Service Pack 1 | [Internet Explorer 10](http://www.microsoft.com/downloads/details.aspx?familyid=f07cda63-b27b-4d93-9dde-e5b7fd19edec) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | [Internet Explorer 10](http://www.microsoft.com/downloads/details.aspx?familyid=a5ee58e2-24e4-41a4-a1bc-9c88a5b8fcab) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows 8 for 32-bit Systems | [Internet Explorer 10](http://www.microsoft.com/downloads/details.aspx?familyid=9752017d-2568-4450-b000-76d41ec7eace) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows 8 for x64-based Systems | [Internet Explorer 10](http://www.microsoft.com/downloads/details.aspx?familyid=6f9de4fa-1048-4e8b-8327-b90690f3a8be) (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2012 | [Internet Explorer 10](http://www.microsoft.com/downloads/details.aspx?familyid=bc85affd-a4d9-45d5-8145-d9a9c579ab7b) (2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows RT | Internet Explorer 10[1] (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| **Internet Explorer 11** | ||||
| Windows 7 for 32-bit Systems Service Pack 1 | [Internet Explorer 11](http://www.microsoft.com/downloads/details.aspx?familyid=6d99e879-df98-4915-add6-99fd1b61a22b) [2](2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows 7 for x64-based Systems Service Pack 1 | [Internet Explorer 11](http://www.microsoft.com/downloads/details.aspx?familyid=4365b653-acfb-4503-91ee-f8c86cd6af7f) [2](2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | [Internet Explorer 11](http://www.microsoft.com/downloads/details.aspx?familyid=9ec71f80-21e5-4d3c-8715-b3e2ff31294a) [2](2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows 8.1 for 32-bit Systems | [Internet Explorer 11](http://www.microsoft.com/downloads/details.aspx?familyid=1e296d48-6e50-4dfb-acbe-ae0dca681665) [3](2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows 8.1 for x64-based Systems | [Internet Explorer 11](http://www.microsoft.com/downloads/details.aspx?familyid=f800bc26-9923-4b01-a4e6-16bee040fe0f) [3](2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows Server 2012 R2 | [Internet Explorer 11](http://www.microsoft.com/downloads/details.aspx?familyid=2529ba9c-8242-4ed8-8bc8-af44a15f4e4c) [3](2976627) | Remote Code Execution | Moderate | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
| Windows RT 8.1 | Internet Explorer 11[1][3] (2976627) | Remote Code Execution | Critical | 2962872 in [MS14-037](http://go.microsoft.com/fwlink/?linkid=402324) |
This update is available via [Windows Update](http://go.microsoft.com/fwlink/?linkid=21130).[2]This update is for systems that have the 2929437 update installed. See the Update FAQ for more information.
[3]This update is for systems that have the 2919355 update installed. See the Update FAQ for more information.
Non-Applicable Software
| Operating System | Component |
|---|---|
| **Server Core installation** | |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | Not applicable |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Not applicable |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Not applicable |
| Windows Server 2012 (Server Core installation) | Not applicable |
| Windows Server 2012 R2 (Server Core installation) | Not applicable |
Update FAQ
I am running Internet Explorer 11 on Windows 8.1, Windows Server 2012 R2, or Windows RT 8.1. Why am I not being offered the 2976627 update?
To be offered any security updates on Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2, the 2919355 update must be installed on the system. For more information, see Microsoft Knowledge Base Article 2919355.
I am running Internet Explorer 11 on Windows 7 or Windows Server 2008 R2. Why am I not being offered the 2976627 update?
To be offered any security updates for Internet Explorer 11 on Windows 7 or Windows Server 2008 R2, update 2929437 must be installed on the system. For more information, see Microsoft Knowledge Base Article 2929437.
For Internet Explorer 11 are there any prerequisites for the 2976627 update?
Yes. Customers running Windows 8.1, Windows Server 2012 R2, or Windows RT 8.1 must first install the 2919355 update released in April, 2014 before installing the 2976627 update. For more information about the prerequisite update, see Microsoft Knowledge Base Article 2919355.
Customers running Internet Explorer 11 on Windows 7 or Windows Server 2008 R2, must first install the 2929437 update released in April, 2014 before installing the 2976627 update. For more information about this prerequisite update, see Microsoft Knowledge Base Article 2929437.
How are Server Core installations affected by the vulnerabilities addressed in this bulletin?
The vulnerabilities addressed by this update do not affect supported editions of Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 as indicated in the Non-Applicable Software table, when installed using the Server Core installation option. For more information on this installation option, see the TechNet articles, Managing a Server Core Installation: Overview, Servicing a Server Core Installation, and Server Core and Full Server Integration Overview.
I am using an older release of the software discussed in this security bulletin. What should I do?
The affected software listed in this bulletin has been tested to determine which releases are affected. Other releases are past their support life cycle. For more information about the product lifecycle, see the Microsoft Support Lifecycle website.
It should be a priority for customers who have older releases of the software to migrate to supported releases to prevent potential exposure to vulnerabilities. To determine the support lifecycle for your software release, see Select a Product for Lifecycle Information. For more information about service packs for these software releases, see Service Pack Lifecycle Support Policy.
Customers who require custom support for older software must contact their Microsoft account team representative, their Technical Account Manager, or the appropriate Microsoft partner representative for custom support options. Customers without an Alliance, Premier, or Authorized Contract can contact their local Microsoft sales office. For contact information, see the Microsoft Worldwide Information website, select the country in the Contact Information list, and then click Go to see a list of telephone numbers. When you call, ask to speak with the local Premier Support sales manager. For more information, see the Microsoft Support Lifecycle Policy FAQ.
Severity Ratings and Vulnerability Identifiers
The following severity ratings assume the potential maximum impact of the vulnerability. For information regarding the likelihood, within 30 days of this security bulletin's release, of the exploitability of the vulnerability in relation to its severity rating and security impact, please see the Exploitability Index in the August bulletin summary. For more information, see Microsoft Exploitability Index.
In the following table: Where specified, Critical, Important, and Moderate values indicate severity ratings. For more information, see Security Bulletin Severity Rating System. Where specified, RCE (Remote Code Execution), EoP (Elevation of Privilege), and Security Feature Bypass indicate maximum impact.
For example, Windows Clients: Critical / RCE specifies that the vulnerability is Critical severity with impact of remote code execution for the affected version of Internet Explorer running on a Windows client operating system. Windows Servers: Moderate / RCE specifies that the vulnerability is Moderate severity with impact of remote code execution for the affected version of Internet Explorer running on a Windows server operating system. Windows Clients and Servers:Moderate / Security Feature Bypass specifies that the vulnerability is Moderate severity with impact of security feature bypass for the affected version of Internet Explorer running on either a Windows client or Windows server operating system.
Severity Ratings and Impact
| CVE number | Vulnerability Title | Internet Explorer 6 | Internet Explorer 7 | Internet Explorer 8 | Internet Explorer 9 | Internet Explorer 10 | Internet Explorer 11 |
|---|---|---|---|---|---|---|---|
| CVE-2014-2774 | Internet Explorer Memory Corruption Vulnerability | Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-2784 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-2796 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-2808 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-2810 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-2811 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-2817 | Internet Explorer Elevation of Privilege Vulnerability | Windows Servers: Moderate / EoP | Windows Clients: Important / EoP Windows Servers: Moderate / EoP | Windows Clients: Important / EoP Windows Servers: Moderate / EoP | Windows Clients: Important / EoP Windows Servers: Moderate / EoP | Windows Clients: Important / EoP Windows Servers: Moderate / EoP | Windows Clients: Important / EoP Windows Servers: Moderate / EoP |
| CVE-2014-2818 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Not applicable |
| CVE-2014-2819 | Internet Explorer Elevation of Privilege Vulnerability | Not applicable | Windows Clients: Important / EoP Windows Servers: Moderate / EoP | Windows Clients: Important / EoP Windows Servers: Moderate / EoP | Windows Clients: Important / EoP Windows Servers: Moderate / EoP | Windows Clients: Important / EoP Windows Servers: Moderate / EoP | Windows Clients: Important / EoP Windows Servers: Moderate / EoP |
| CVE-2014-2820 | Internet Explorer Memory Corruption Vulnerability | Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE number | Vulnerability Title | Internet Explorer 6 | Internet Explorer 7 | Internet Explorer 8 | Internet Explorer 9 | Internet Explorer 10 | Internet Explorer 11 |
| CVE-2014-2821 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Not applicable | Not applicable |
| CVE-2014-2822 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-2823 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-2824 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Not applicable | Not applicable | Not applicable |
| CVE-2014-2825 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-2826 | Internet Explorer Memory Corruption Vulnerability | Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-2827 | Internet Explorer Memory Corruption Vulnerability | Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-4050 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-4051 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-4052 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Not applicable |
| CVE number | Vulnerability Title | Internet Explorer 6 | Internet Explorer 7 | Internet Explorer 8 | Internet Explorer 9 | Internet Explorer 10 | Internet Explorer 11 |
| CVE-2014-4055 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-4056 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Not applicable |
| CVE-2014-4057 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-4058 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-4063 | Internet Explorer Memory Corruption Vulnerability | Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-4067 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-8985 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-4145 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
| CVE-2014-6354 | Internet Explorer Memory Corruption Vulnerability | Not applicable | Not applicable | Not applicable | Not applicable | Not applicable | Windows Clients: Critical / RCE Windows Servers: Moderate / RCE |
Multiple Internet Explorer Elevation of Privilege Vulnerabilities
Multiple elevation of privilege vulnerabilities exist in Internet Explorer. An attacker who successfully exploited these vulnerabilities could elevate privileges in affected versions of Internet Explorer. These vulnerabilities by themselves do not allow arbitrary code to be run. However, these vulnerabilities could be used in conjunction with another vulnerability (e.g., a remote code execution vulnerability) that could take advantage of the elevated privileges when running arbitrary code.
To view any of these vulnerabilities as a standard entry in the Common Vulnerabilities and Exposures list, click a link in the following table:
| Vulnerability title | CVE number |
| Internet Explorer Elevation of Privilege Vulnerability | CVE-2014-2817 |
| Internet Explorer Elevation of Privilege Vulnerability | CVE-2014-2819 |
| CVE number | Publicly Disclosed |
| CVE-2014-2817 | No |
| CVE-2014-2819 | Yes |
| CVE number | Exploited |
| CVE-2014-2817 | Yes |
| CVE-2014-2819 | No |
| Vulnerability title | CVE number |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2774 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2784 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2796 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2808 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2810 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2811 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2818 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2820 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2821 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2822 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2823 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2824 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2825 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2826 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-2827 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-4050 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-4051 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-4052 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-4055 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-4056 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-4057 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-4058 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-4063 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-4067 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-8985 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-4145 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2014-6354 |
| CVE number | Publicly Disclosed |
| CVE-2014-2774 | No |
| CVE-2014-2784 | No |
| CVE-2014-2796 | No |
| CVE-2014-2808 | No |
| CVE-2014-2810 | No |
| CVE-2014-2811 | No |
| CVE-2014-2818 | No |
| CVE-2014-2820 | No |
| CVE-2014-2821 | No |
| CVE-2014-2822 | No |
| CVE-2014-2823 | No |
| CVE-2014-2824 | No |
| CVE-2014-2825 | No |
| CVE-2014-2826 | No |
| CVE-2014-2827 | No |
| CVE-2014-4050 | No |
| CVE-2014-4051 | No |
| CVE-2014-4052 | No |
| CVE-2014-4055 | No |
| CVE-2014-4056 | No |
| CVE-2014-4057 | No |
| CVE-2014-4058 | No |
| CVE-2014-4063 | No |
| CVE-2014-4067 | No |
| CVE-2014-8985 | No |
| CVE-2014-4145 | No |
| CVE-2014-6354 | No |
| CVE number | Exploited |
| CVE-2014-2774 | No |
| CVE-2014-2784 | No |
| CVE-2014-2796 | No |
| CVE-2014-2808 | No |
| CVE-2014-2810 | No |
| CVE-2014-2811 | No |
| CVE-2014-2818 | No |
| CVE-2014-2820 | No |
| CVE-2014-2821 | No |
| CVE-2014-2822 | No |
| CVE-2014-2823 | No |
| CVE-2014-2824 | No |
| CVE-2014-2825 | No |
| CVE-2014-2826 | No |
| CVE-2014-2827 | No |
| CVE-2014-4050 | No |
| CVE-2014-4051 | No |
| CVE-2014-4052 | No |
| CVE-2014-4055 | No |
| CVE-2014-4056 | No |
| CVE-2014-4057 | No |
| CVE-2014-4058 | No |
| CVE-2014-4063 | No |
| CVE-2014-4067 | No |
| CVE-2014-8985 | No |
| CVE-2014-4145 | No |
| CVE-2014-6354 | No |
| Security update file names | For Internet Explorer 6 for all supported 32-bit editions of Windows Server 2003: WindowsServer2003-KB2976627-x86-ENU.exe |
| For Internet Explorer 6 for all supported x64-based editions of Windows Server 2003: WindowsServer2003-KB2976627-x64-ENU.exe | |
| For Internet Explorer 6 for all supported Itanium-based editions of Windows Server 2003: WindowsServer2003-KB2976627-ia64-ENU.exe | |
| For Internet Explorer 7 for all supported 32-bit editions of Windows Server 2003: IE7-WindowsServer2003-KB2976627-x86-ENU.exe | |
| For Internet Explorer 7 for all supported x64-based editions of Windows Server 2003: IE7-WindowsServer2003-KB2976627-x64-ENU.exe | |
| For Internet Explorer 7 for all supported Itanium-based editions of Windows Server 2003: IE7-WindowsServer2003-KB2976627-ia64-ENU.exe | |
| For Internet Explorer 8 for all supported 32-bit editions of Windows Server 2003: IE8-WindowsServer2003-KB2976627-x86-ENU.exe | |
| For Internet Explorer 8 for all supported x64-based editions of Windows Server 2003: IE8-WindowsServer2003-KB2976627-x64-ENU.exe | |
| Installation switches | See Microsoft Knowledge Base Article 262841 |
| Update log file | For Internet Explorer 6 for all supported 32-bit editions, x64-based editions, and Itanium-based editions of Windows Server 2003: KB2976627.log |
| For Internet Explorer 7 for all supported 32-bit editions, x64-based editions, and Itanium-based editions of Windows Server 2003: KB2976627-IE7.log | |
| For Internet Explorer 8 for all supported 32-bit editions and x64-based editions of Windows Server 2003: KB2976627-IE8.log | |
| Restart requirement | Yes, you must restart your system after you apply this security update. |
| Removal information | For Internet Explorer 6 for all supported 32-bit editions, x64-based editions, and Itanium-based editions of Windows Server 2003: Use Add or Remove Programs item in Control Panel or the Spuninst.exe utility located in the Use the Spuninst.exe utility, located in the %Windir%$NTUninstallKB2976627$Spuninst folder |
| For Internet Explorer 7 for all supported 32-bit editions, x64-based editions, and Itanium-based editions of Windows Server 2003: Use Add or Remove Programs item in Control Panel or the Spuninst.exe utility located in the %Windir%ie7updatesKB2976627-IE7spuninst folder | |
| For Internet Explorer 8 for all supported 32-bit editions and x64-based editions of Windows Server 2003: Use Add or Remove Programs item in Control Panel or the Spuninst.exe utility located in the %Windir%ie8updatesKB2976627-IE8spuninst folder | |
| File information | See Microsoft Knowledge Base Article 2976627 |
| Registry key verification | For Internet Explorer 6 for all supported 32-bit editions, x64-based editions, and Itanium-based editions of Windows Server 2003: HKEY_LOCAL_MACHINESOFTWAREMicrosoftUpdatesWindows Server 2003SP3KB2976627Filelist |
| For Internet Explorer 7 for all supported 32-bit editions, x64-based editions, and Itanium-based editions of Windows Server 2003: HKEY_LOCAL_MACHINESOFTWAREMicrosoftUpdatesWindows Server 2003SP0KB2976627-IE7Filelist | |
| For Internet Explorer 8 for all supported 32-bit editions and x64-based editions of Windows Server 2003: HKEY_LOCAL_MACHINESOFTWAREMicrosoftUpdatesWindows Server 2003SP0KB2976627-IE8Filelist |
Windows Vista (all editions)
Reference Table
The following table contains the security update information for this software.
| Security update file names | For Internet Explorer 7 in all supported 32-bit editions of Windows Vista: Windows6.0-KB2976627-x86.msu |
| For Internet Explorer 7 in all supported x64-based editions of Windows Vista: Windows6.0-KB2976627-x64.msu | |
| For Internet Explorer 8 in all supported 32-bit editions of Windows Vista: IE8-Windows6.0-KB2976627-x86.msu | |
| For Internet Explorer 8 in all supported x64-based editions of Windows Vista: IE8-Windows6.0-KB2976627-x64.msu | |
| For Internet Explorer 9 for all supported 32-bit editions of Windows Vista: IE9-Windows6.0-KB2976627-x86.msu | |
| For Internet Explorer 9 for all supported x64-based editions of Windows Vista: IE9-Windows6.0-KB2976627-x64.msu | |
| Installation switches | See Microsoft Knowledge Base Article 934307 |
| Restart requirement | Yes, you must restart your system after you apply this security update. |
| Removal information | WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates. |
| File information | See Microsoft Knowledge Base Article 2976627 |
| Registry key verification | Note A registry key does not exist to validate the presence of this update. |
| Security update file names | For Internet Explorer 7 in all supported 32-bit editions of Windows Server 2008: Windows6.0-KB2976627-x86.msu |
| For Internet Explorer 7 in all supported x64-based editions of Windows Server 2008: Windows6.0-KB2976627-x64.msu | |
| For Internet Explorer 7 in all supported Itanium-based editions of Windows Server 2008: Windows6.0-KB2976627-ia64.msu | |
| For Internet Explorer 8 in all supported 32-bit editions of Windows Server 2008: IE8-Windows6.0-KB2976627-x86.msu | |
| For Internet Explorer 8 in all supported x64-based editions of Windows Server 2008: IE8-Windows6.0-KB2976627-x64.msu | |
| For Internet Explorer 9 for all supported 32-bit editions of Windows Server 2008: IE9-Windows6.0-KB2976627-x86.msu | |
| For Internet Explorer 9 in all supported x64-based editions of Windows Server 2008: IE9-Windows6.0-KB2976627-x64.msu | |
| Installation switches | See Microsoft Knowledge Base Article 934307 |
| Restart requirement | Yes, you must restart your system after you apply this security update. |
| Removal information | WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates. |
| File information | See Microsoft Knowledge Base Article 2976627 |
| Registry key verification | Note A registry key does not exist to validate the presence of this update. |
| Security update file name | For Internet Explorer 8 in all supported 32-bit editions of Windows 7: Windows6.1-KB2976627-x86.msu |
| For Internet Explorer 8 in all supported x64-based editions of Windows 7: Windows6.1-KB2976627-x64.msu | |
| For Internet Explorer 9 for all supported 32-bit editions of Windows 7: IE9-Windows6.1-KB2976627-x86.msu | |
| For Internet Explorer 9 for all supported x64-based editions of Windows 7: IE9-Windows6.1-KB2976627-x64.msu | |
| For Internet Explorer 10 for Windows 7 for 32-bit Systems Service Pack 1: IE10-Windows6.1-KB2976627-x86.msu | |
| For Internet Explorer 10 for Windows 7 for x64-based Systems Service Pack 1: IE10-Windows6.1-KB2976627-x64.msu | |
| For Internet Explorer 11 for Windows 7 for 32-bit Systems Service Pack 1: IE11-Windows6.1-KB2976627-x86.msu | |
| For Internet Explorer 11 for Windows 7 for x64-based Systems Service Pack 1: IE11-Windows6.1-KB2976627-x64.msu | |
| Installation switches | See Microsoft Knowledge Base Article 934307 |
| Restart requirement | Yes, you must restart your system after you apply this security update. |
| Removal information | To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates. |
| File information | See Microsoft Knowledge Base Article 2976627 |
| Registry key verification | Note A registry key does not exist to validate the presence of this update. |
| Security update file name | For Internet Explorer 8 in all supported x64-based editions of Windows Server 2008 R2: Windows6.1-KB2976627-x64.msu |
| For Internet Explorer 8 in all supported Itanium-based editions of Windows Server 2008 R2: Windows6.1-KB2976627-ia64.msu | |
| For Internet Explorer 9 for all supported x64-based editions of Windows Server 2008 R2: IE9-Windows6.1-KB2976627-x64.msu | |
| For Internet Explorer 10 for Windows Server 2008 R2 for x64-based Systems Service Pack 1: IE10-Windows6.1-KB2976627-x64.msu | |
| For Internet Explorer 11 for Windows Server 2008 R2 for x64-based Systems Service Pack 1: IE11-Windows6.1-KB2976627-x64.msu | |
| Installation switches | See Microsoft Knowledge Base Article 934307 |
| Restart requirement | Yes, you must restart your system after you apply this security update. |
| Removal information | To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates and select from the list of updates. |
| File information | See Microsoft Knowledge Base Article 2976627 |
| Registry key verification | Note A registry key does not exist to validate the presence of this update. |
| Security update file name | For Internet Explorer 10 in all supported 32-bit editions of Windows 8: Windows8-RT-KB2976627-x86.msu |
| For Internet Explorer 10 in all supported x64-based editions of Windows 8: Windows8-RT-KB2976627-x64.msu | |
| For Internet Explorer 11 in all supported 32-bit editions of Windows 8.1: Windows8.1-KB2976627-x86.msu | |
| For Internet Explorer 11 in all supported x64-based editions of Windows 8.1: Windows8.1-KB2976627-x64.msu | |
| Installation switches | See Microsoft Knowledge Base Article 934307 |
| Restart requirement | Yes, you must restart your system after you apply this security update. |
| Removal information | To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates. |
| File information | See Microsoft Knowledge Base Article 2976627 |
| Registry key verification | Note A registry key does not exist to validate the presence of this update. |
| Security update file name | For Internet Explorer 10 in all supported editions of Windows Server 2012: Windows8-RT-KB2976627-x64.msu |
| For Internet Explorer 11 in all supported editions of Windows Server 2012 R2: Windows8.1-KB2976627-x64.msu | |
| Installation switches | See Microsoft Knowledge Base Article 934307 |
| Restart requirement | Yes, you must restart your system after you apply this security update. |
| Removal information | To uninstall an update installed by WUSA, use the /Uninstall setup switch or click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates. |
| File information | See Microsoft Knowledge Base Article 2976627 |
| Registry key verification | Note A registry key does not exist to validate the presence of this update. |
| Deployment | This update is available via Windows Update. |
| Restart Requirement | Yes, you must restart your system after you apply this security update. |
| Removal Information | Click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates. |
| File information | Not applicable |
| Original author(s) | Thomas Reardon | ||||||
|---|---|---|---|---|---|---|---|
| Developer(s) | Microsoft | ||||||
| Initial release | August 16, 1995; 24 years ago [dubious] | ||||||
| Stable release(s) | |||||||
| |||||||
| Engines | Trident, Chakra | ||||||
| Operating system | Windows(and previously supported: Mac OS X, Solaris, HP-UX) | ||||||
| Platform | IA-32, x86-64, ARMv7, IA-64(and previously supported: MIPS, Alpha, PowerPC, 68k, SPARC, PA-RISC) | ||||||
| Included with | Windows 95 OSR1 and later Windows NT 4 and later Mac OS 8.1 through Mac OS X 10.2 Xbox 360 Xbox One | ||||||
| Standard(s) | HTML5, CSS3, WOFF, SVG, RSS, Atom, JPEG XR | ||||||
| Available in | 95 languages[2] | ||||||
| Type | Web browser Feed reader | ||||||
| License | Proprietary, requires a Windows license[3] | ||||||
| Website | www.microsoft.com/ie | ||||||
Internet Explorer[a] (formerly Microsoft Internet Explorer[b] and Windows Internet Explorer,[c] commonly abbreviated IE or MSIE) is a series of graphicalweb browsers developed by Microsoft and included in the Microsoft Windows line of operating systems, starting in 1995. It was first released as part of the add-on package Plus! for Windows 95 that year. Later versions were available as free downloads, or in service packs, and included in the original equipment manufacturer (OEM) service releases of Windows 95 and later versions of Windows. The browser is discontinued, but still maintained.[4]
Internet Explorer was once the most widely used web browser, attaining a peak of about 95% usage share by 2003.[5] This came after Microsoft used bundling to win the first browser war against Netscape, which was the dominant browser in the 1990s. Its usage share has since declined with the launch of Firefox (2004) and Google Chrome (2008), and with the growing popularity of operating systems such as Android and iOS that do not support Internet Explorer. Estimates for Internet Explorer's market share are about 1.97% across all platforms or by StatCounter's numbers ranked 8th, while on desktop, the only platform on which it has ever had significant share (e.g., excluding mobile and Xbox) it is ranked 5th at 4.4%,[6] after its replacement Microsoft Edge, which at 4.71% that 2019 August month is the first time ranked higher than IE. IE and Edge manage to reach third rank after Firefox (and previously managed second rank after Chrome) when their (others[7] place IE 3rd with 7.44% after Firefox). Microsoft spent over US$100 million per year on Internet Explorer in the late 1990s,[8] with over 1,000 people involved in the project by 1999.[9][10]
Versions of Internet Explorer for other operating systems have also been produced, including an Xbox 360 version called Internet Explorer for Xbox and for platforms Microsoft no longer supports: Internet Explorer for Mac and Internet Explorer for UNIX (Solaris and HP-UX), and an embedded OEM version called Pocket Internet Explorer, later rebranded Internet Explorer Mobile made for Windows CE, Windows Phone and previously, based on Internet Explorer 7 for Windows Phone 7.
On March 17, 2015, Microsoft announced that Microsoft Edge would replace Internet Explorer as the default browser on its Windows 10 devices (while support for older Windows has since been announced, as of 2019 Edge still has lower share than IE's, that's in decline). This effectively makes Internet Explorer 11 the last release (however IE 8, 9, and 10 also receive security updates as of 2019).[11][12][13] Internet Explorer, however, remains on Windows 10 and Windows Server 2019 primarily for enterprise purposes.[14][15] Since January 12, 2016, only Internet Explorer 11 has official support for consumers; Internet Explorer 10 also has extended support to January 2020 on certain platforms.[16][17][18] Support varies based on the operating system's technical capabilities and its support lifecycle.[19]
The browser has been scrutinized throughout its development for use of third-party technology (such as the source code of Spyglass Mosaic, used without royalty in early versions) and security and privacy vulnerabilities, and the United States and the European Union have alleged that integration of Internet Explorer with Windows has been to the detriment of fair browser competition.[20]
- 1History
- 2Features
- 5Security
- 6Market adoption and usage share
History[edit]
Internet Explorer 1[edit]
The Internet Explorer project was started in the summer of 1994 by Thomas Reardon, who, according to the Massachusetts Institute of Technology Review of 2003,[21] used source code from Spyglass, Inc. Mosaic, which was an early commercial web browser with formal ties to the pioneering National Center for Supercomputing Applications (NCSA) Mosaic browser.[22][23] In late 1994, Microsoft licensed Spyglass Mosaic for a quarterly fee plus a percentage of Microsoft's non-Windows revenues for the software.[23] Although bearing a name similar to NCSA Mosaic, Spyglass Mosaic had used the NCSA Mosaic source code sparingly.[24]
The first version, dubbed Microsoft Internet Explorer, was installed as part of the Internet Jumpstart Kit in Microsoft Plus! for Windows 95 and Plus!.[25] The Internet Explorer team began with about six people in early development.[24][26] Internet Explorer 1.5 was released several months later for Windows NT and added support for basic table rendering. By including it free of charge with their operating system, they did not have to pay royalties to Spyglass Inc, resulting in a lawsuit and a US$8 million settlement on January 22, 1997.[22][27]
Microsoft was sued by Synet Inc. in 1996, over the trademark infringement.[28]
Internet Explorer 2–10[edit]
Internet Explorer 11[edit]
Internet Explorer 11 is featured in Windows 8.1, which was released on October 17, 2013. It includes an incomplete mechanism for syncing tabs. It is a major update to its developer tools,[29][30] enhanced scaling for high DPI screens,[31]HTML5 prerender and prefetch,[32]hardware-acceleratedJPEG decoding,[33]closed captioning, HTML5 full screen,[34] and is the first Internet Explorer to support WebGL[35][36][37] and Google's protocol SPDY (starting at v3).[38] This version of IE has features dedicated to Windows 8.1, including cryptography (WebCrypto),[29]adaptive bitrate streaming (Media Source Extensions)[39] and Encrypted Media Extensions.[34]
Internet Explorer 11 was made available for Windows 7 users to download on November 7, 2013, with Automatic Updates in the following weeks.[40]
Internet Explorer 11's user agent string now identifies the agent as 'Trident' (the underlying layout engine) instead of 'MSIE'. It also announces compatibility with Gecko (the layout engine of Firefox).
Microsoft claimed that Internet Explorer 11, running the WebKit SunSpider JavaScript Benchmark, was the fastest browser as of October 15, 2013.[41]
Internet Explorer 11 will be made available for Windows Server 2012 and Windows Embedded 8 Standard in the spring of 2019.[42]
End of life[edit]
Microsoft Edge, officially unveiled on January 21, 2015, has replaced Internet Explorer as the default browser on Windows 10. Internet Explorer is still installed in Windows 10 in order to maintain compatibility with older websites and intranet sites that require ActiveX and other Microsoft legacy web technologies.[43][44][45]
According to Microsoft, development of new features for Internet Explorer has ceased. However, it will continue to be maintained as part of the support policy for the versions of Windows with which it is included.[4]
Features[edit]
Internet Explorer has been designed to view a broad range of web pages and provide certain features within the operating system, including Microsoft Update. During the heyday of the browser wars, Internet Explorer superseded Netscape only when it caught up technologically to support the progressive features of the time.[46][better source needed]
Standards support[edit]
Internet Explorer, using the Tridentlayout engine:
- Supports HTML 4.01, HTML 5, CSS Level 1, Level 2 and Level 3, XML 1.0, and DOM Level 1, with minor implementation gaps.
- Fully supports XSLT 1.0 as well as an obsolete Microsoft dialect of XSLT often referred to as WD-xsl, which was loosely based on the December 1998 W3C Working Draft of XSL. Support for XSLT 2.0 lies in the future: semi-official Microsoft bloggers have indicated that development is underway, but no dates have been announced.
- Almost full conformance to CSS 2.1 has been added in the Internet Explorer 8 release.[47][48] The trident rendering engine in Internet Explorer 9 in 2011, scored highest in the official W3C conformance test suite for CSS 2.1 of all major browsers.
- Supports XHTML in Internet Explorer 9 (Trident version 5.0). Prior versions can render XHTML documents authored with HTML compatibility principles and served with a
text/htmlMIME-type. - Supports a subset[49] of SVG in Internet Explorer 9 (Trident version 5.0), excluding SMIL, SVG fonts and filters.
Internet Explorer uses DOCTYPE sniffing to choose between standards mode and a 'quirks mode' in which it deliberately mimicks nonstandard behaviours of old versions of MSIE for HTML and CSS rendering on screen (Internet Explorer always uses standards mode for printing). It also provides its own dialect of ECMAScript called JScript.
Internet Explorer was criticised by Tim Berners-Lee for its limited support for SVG, which is promoted by W3C.[50]
Non-standard extensions[edit]
Internet Explorer has introduced an array of proprietary extensions to many of the standards, including HTML, CSS, and the DOM. This has resulted in a number of web pages that appear broken in standards-compliant web browsers and has introduced the need for a 'quirks mode' to allow for rendering improper elements meant for Internet Explorer in these other browsers.
Internet Explorer has introduced a number of extensions to the DOM that have been adopted by other browsers.
These include the innerHTML property, which provides access to the HTML string within an element, which was part of IE 5 and was standardized as part of HTML 5 roughly 15 years later after all other browsers implemented it for compatibility[51], the XMLHttpRequest object, which allows the sending of HTTP request and receiving of HTTP response, and may be used to perform AJAX, and the designMode attribute of the contentDocument object, which enables rich text editing of HTML documents.[citation needed] Some of these functionalities were not possible until the introduction of the W3C DOM methods. Its Ruby character extension to HTML is also accepted as a module in W3C XHTML 1.1, though it is not found in all versions of W3C HTML.
Microsoft submitted several other features of IE for consideration by the W3C for standardization. These include the 'behaviour' CSS property, which connects the HTML elements with JScript behaviours (known as HTML Components, HTC); HTML+TIME profile, which adds timing and media synchronization support to HTML documents (similar to the W3C XHTML+SMIL), and the VMLvector graphics file format. However, all were rejected, at least in their original forms; VML was subsequently combined with PGML (proposed by Adobe and Sun), resulting in the W3C-approved SVG format, one of the few vector image formats being used on the web, which IE did not support until version 9.[52]
Other non-standard behaviours include: support for vertical text, but in a syntax different from W3C CSS3 candidate recommendation, support for a variety of image effects[53] and page transitions, which are not found in W3C CSS, support for obfuscated script code, in particular JScript.Encode,[54] as well as support for embeddingEOT fonts in web pages.[55]
Favicon[edit]
Support for favicons was first added in Internet Explorer 5.[56] Internet Explorer supports favicons in PNG, static GIF and native Windows icon formats. In Windows Vista and later, Internet Explorer can display native Windows icons that have embedded PNG files.[57][58]
Usability and accessibility[edit]
Internet Explorer makes use of the accessibility framework provided in Windows. Internet Explorer is also a user interface for FTP, with operations similar to that of Windows Explorer. Pop-up blocking and tabbed browsing were added respectively in Internet Explorer 6 and Internet Explorer 7. Tabbed browsing can also be added to older versions by installing MSN Search Toolbar or Yahoo Toolbar.
Cache[edit]
Internet Explorer caches visited content in the Temporary Internet Files folder to allow quicker access (or offline access) to previously visited pages. The content is indexed in a database file, known as Index.dat. Multiple Index.dat files exist which index different content—visited content, web feeds, visited URLs, cookies, etc.[59]
Prior to IE7, clearing the cache used to clear the index but the files themselves were not reliably removed, posing a potential security and privacy risk. In IE7 and later, when the cache is cleared, the cache files are more reliably removed, and the index.dat file is overwritten with null bytes.
Caching has been improved in IE9.[60]
Group Policy[edit]
Internet Explorer is fully configurable using Group Policy. Administrators of Windows Server domains (for domain-joined computers) or the local computer can apply and enforce a variety of settings on computers that affect the user interface (such as disabling menu items and individual configuration options), as well as underlying security features such as downloading of files, zone configuration, per-site settings, ActiveX control behaviour and others. Policy settings can be configured for each user and for each machine. Internet Explorer also supports Integrated Windows Authentication.
Architecture[edit]
Microsoft Internet Explorer Security Update For August 2019
Internet Explorer uses a componentized architecture built on the Component Object Model (COM) technology. It consists of several major components, each of which is contained in a separate Dynamic-link library (DLL) and exposes a set of COM programming interfaces hosted by the Internet Explorer main executable, iexplore.exe:[61]
- WinInet.dll is the protocol handler for HTTP, HTTPS and FTP. It handles all network communication over these protocols.
- URLMon.dll is responsible for MIME-type handling and download of web content, and provides a thread-safe wrapper around WinInet.dll and other protocol implementations.
- MSHTML.dll houses the Tridentrendering engine introduced in Internet Explorer 4, which is responsible for displaying the pages on-screen and handling the Document Object Model of the web pages. MSHTML.dll parses the HTML/CSS file and creates the internal DOM tree representation of it. It also exposes a set of APIs for runtime inspection and modification of the DOM tree. The DOM tree is further processed by a layout engine which then renders the internal representation on screen.
- IEFrame.dll contains the user interface and window of IE in Internet Explorer 7 and above.
- ShDocVw.dll provides the navigation, local caching and history functionalities for the browser.
- BrowseUI.dll is responsible for rendering the browser user interface such as menus and toolbars.[62]
Internet Explorer does not include any native scripting functionality. Rather, MSHTML.dll exposes an API that permits a programmer to develop a scripting environment to be plugged-in and to access the DOM tree. Internet Explorer 8 includes the bindings for the Active Scripting engine, which is a part of Microsoft Windows and allows any language implemented as an Active Scripting module to be used for client-side scripting. By default, only the JScript and VBScript modules are provided; third party implementations like ScreamingMonkey (for ECMAScript 4 support) can also be used. Microsoft also makes available the Microsoft Silverlight runtime (not supported in Windows RT) that allows CLI languages, including DLR-based dynamic languages like IronPython and IronRuby, to be used for client-side scripting.
Internet Explorer 8 introduces some major architectural changes, called Loosely Coupled IE (LCIE). LCIE separates the main window process (frame process) from the processes hosting the different web applications in different tabs (tab processes). A frame process can create multiple tab processes, each of which can be of a different integrity level; each tab process can host multiple web sites. The processes use asynchronous Inter-Process Communication to synchronize themselves. Generally, there will be a single frame process for all web sites. In Windows Vista with Protected Mode turned on, however, opening privileged content (such as local HTML pages) will create a new tab process as it will not be constrained by Protected Mode.[63]
Extensibility[edit]
Internet Explorer exposes a set of Component Object Model (COM) interfaces that allows add-ons to extend the functionality of the browser.[61] Extensibility is divided into two types: Browser extensibility and content extensibility. Browser extensibility involves adding context menu entries, toolbars, menu items or Browser Helper Objects (BHO). BHOs are used to extend the feature set of the browser, whereas the other extensibility options are used to expose that feature in the user interface. Content extensibility adds support for non-native content formats.[61] It allows Internet Explorer to handle new file formats and new protocols, e.g. WebM or SPDY.[61] In addition, web pages can integrate widgets known as ActiveX controls which run on Windows only but have vast potentials to extend the content capabilities; Adobe Flash Player and Microsoft Silverlight are examples.[61] Add-ons can be installed either locally, or directly by a web site.
Since malicious add-ons can compromise the security of a system, Internet Explorer implements several safeguards. Internet Explorer 6 with Service Pack 2 and later feature an Add-on Manager for enabling or disabling individual add-ons, complemented by a 'No Add-Ons' mode. Starting with Windows Vista, Internet Explorer and its BHOs run with restricted privileges and are isolated from the rest of the system. Internet Explorer 9 introduced a new component – Add-on Performance Advisor. Add-on Performance Advisor shows a notification when one or more of installed add-ons exceed a pre-set performance threshold. The notification appears in the Notification Bar when the user launches the browser. Windows 8 and Windows RT introduce a Metro-style version of Internet Explorer that is entirely sandboxed and does not run add-ons at all.[64] In addition, Windows RT cannot download or install ActiveX controls at all; although existing ones bundled with Windows RT still run in the traditional version of Internet Explorer.[64]
Internet Explorer itself can be hosted by other applications via a set of COM interfaces. This can be used to embed the browser functionality inside a computer program or create Internet Explorer shells.[61]
Security[edit]
Internet Explorer uses a zone-based security framework that groups sites based on certain conditions, including whether it is an Internet- or intranet-based site as well as a user-editable whitelist. Security restrictions are applied per zone; all the sites in a zone are subject to the restrictions.
Internet Explorer 6 SP2 onwards uses the Attachment Execution Service of Microsoft Windows to mark executable files downloaded from the Internet as being potentially unsafe. Accessing files marked as such will prompt the user to make an explicit trust decision to execute the file, as executables originating from the Internet can be potentially unsafe. This helps in preventing accidental installation of malware.
Internet Explorer 7 introduced the phishing filter, that restricts access to phishing sites unless the user overrides the decision. With version 8, it also blocks access to sites known to host malware. Downloads are also checked to see if they are known to be malware-infected.
In Windows Vista, Internet Explorer by default runs in what is called Protected Mode, where the privileges of the browser itself are severely restricted—it cannot make any system-wide changes. One can optionally turn this mode off but this is not recommended. This also effectively restricts the privileges of any add-ons. As a result, even if the browser or any add-on is compromised, the damage the security breach can cause is limited.
Patches and updates to the browser are released periodically and made available through the Windows Update service, as well as through Automatic Updates. Although security patches continue to be released for a range of platforms, most feature additions and security infrastructure improvements are only made available on operating systems which are in Microsoft's mainstream support phase.
On December 16, 2008, Trend Micro recommended users switch to rival browsers until an emergency patch was released to fix a potential security risk which 'could allow outside users to take control of a person's computer and steal their passwords'. Microsoft representatives countered this recommendation, claiming that '0.02% of internet sites' were affected by the flaw. A fix for the issue was released the following day with the Security Update for Internet Explorer KB960714, on Microsoft Windows Update.[65][66]
In 2011, a report by Accuvant, funded by Google, rated the security (based on sandboxing) of Internet Explorer worse than Google Chrome but better than Mozilla Firefox.[67][68]
A more recent browser security white paper comparing Google Chrome, Microsoft Edge, and Internet Explorer 11 by X41 D-Sec in 2017 came to similar conclusions, also based on sandboxing and support of legacy web technologies.[69]
Microsoft Internet Explorer Security Update For January 2019
Security vulnerabilities[edit]
Internet Explorer has been subjected to many security vulnerabilities and concerns: much of the spyware, adware, and computer viruses across the Internet are made possible by exploitable bugs and flaws in the security architecture of Internet Explorer, sometimes requiring nothing more than viewing of a malicious web page in order to install themselves. This is known as a 'drive-by install'. There are also attempts to trick the user into installing malicious software by misrepresenting the software's true purpose in the description section of an ActiveX security alert.
A number of security flaws affecting IE originated not in the browser itself, but ActiveX-based add-ons used by it. Because the add-ons have the same privilege as IE, the flaws can be as critical as browser flaws. This has led to the ActiveX-based architecture being criticized for being fault-prone. By 2005, some experts maintained that the dangers of ActiveX have been overstated and there were safeguards in place.[70] In 2006, new techniques using automated testing found more than a hundred vulnerabilities in standard Microsoft ActiveX components.[71] Security features introduced in Internet Explorer 7 mitigated some of these vulnerabilities.
In 2008, Internet Explorer had a number of published security vulnerabilities. According to research done by security research firm Secunia, Microsoft did not respond as quickly as its competitors in fixing security holes and making patches available.[72] The firm also reported 366 vulnerabilities in ActiveX controls, an increase from the previous year.
According to an October 2010 report in The Register, researcher Chris Evans had detected a known security vulnerability which, then dating back to 2008, had not been fixed for at least 600 days.[73] Microsoft says that it had known about this vulnerability but it was of very low severity as the victim web site must be configured in a special way for this attack to be feasible at all.[74]
Microsoft Internet Explorer Security Update For September 2017 Download
In December 2010, researchers were able to bypass the 'Protected Mode' feature in Internet Explorer.[75]
Microsoft Internet Explorer Security Update For June 2019
Vulnerability exploited in attacks on U.S. firms[edit]
In an advisory on January 14, 2010, Microsoft said that attackers targeting Google and other U.S. companies used software that exploits a security hole, which had already been patched, in Internet Explorer. The vulnerability affected Internet Explorer 6 on Windows XP and Server 2003, IE6 SP1 on Windows 2000 SP4, IE7 on Windows Vista, XP, Server 2008 and Server 2003, and IE8 on Windows 7, Vista, XP, Server 2003, and Server 2008 (R2).[77]
The German government warned users against using Internet Explorer and recommended switching to an alternative web browser, due to the major security hole described above that was exploited in Internet Explorer.[78] The Australian and French Government issued a similar warning a few days later.[79][80][81][82]
Major vulnerability across versions[edit]
On April 26, 2014, Microsoft issued a security advisory relating to CVE-2014-1776 (use-after-free vulnerability in Microsoft Internet Explorer 6 through 11[83]), a vulnerability that could allow 'remote code execution' in Internet Explorer versions 6 to 11.[84] On April 28, 2014, the United States Department of Homeland Security's United States Computer Emergency Readiness Team (US-CERT) released an advisory stating that the vulnerability could result in 'the complete compromise' of an affected system.[85] US-CERT recommended reviewing Microsoft's suggestions to mitigate an attack or using an alternate browser until the bug is fixed.[86][87] The UK National Computer Emergency Response Team (CERT-UK) published an advisory announcing similar concerns and for users to take the additional step of ensuring their antivirus software is up-to-date.[88]Symantec, a cyber security firm, confirmed that 'the vulnerability crashes Internet Explorer on Windows XP'.[89] The vulnerability was resolved on May 1, 2014, with a security update.[90]
Market adoption and usage share[edit]
The adoption rate of Internet Explorer seems to be closely related to that of Microsoft Windows, as it is the default web browser that comes with Windows. Since the integration of Internet Explorer 2.0 with Windows 95 OSR 1 in 1996, and especially after version 4.0's release in 1997, the adoption was greatly accelerated: from below 20% in 1996, to about 40% in 1998, and over 80% in 2000. This made Microsoft the winner in the infamous 'first browser war' against Netscape. Netscape Navigator was the dominant browser during 1995 and until 1997, but rapidly lost share to IE starting in 1998, and eventually slipped behind in 1999. The integration of IE with Windows led to a lawsuit by AOL, Netscape's owner, accusing Microsoft of unfair competition. The infamous case was eventually won by AOL but by then it was too late, as Internet Explorer had already become the dominant browser.
Internet Explorer peaked during 2002 and 2003, with about 95% share. Its first notable competitor after beating Netscape was Firefox from Mozilla, which itself was an offshoot from Netscape.
Firefox 1.0 had surpassed Internet Explorer 5 in early 2005, with Firefox 1.0 at roughly 8 percent market share.[91]
Approximate usage over time based on various usage share counters averaged for the year overall, or for the fourth quarter, or for the last month in the year depending on availability of reference.[92][93][94][95][96][97]
According to StatCounter Internet Explorer's marketshare fell below 50% in September 2010.[98] In May 2012, Google Chrome overtook Internet Explorer as the most used browser worldwide, according to StatCounter.[99]
Industry adoption[edit]
Browser Helper Objects are also used by many search engine companies and third parties for creating add-ons that access their services, such as search engine toolbars. Because of the use of COM, it is possible to embed web-browsing functionality in third-party applications. Hence, there are a number of Internet Explorer shells, and a number of content-centric applications like RealPlayer also use Internet Explorer's web browsing module for viewing web pages within the applications.
Removal[edit]
While a major upgrade of Internet Explorer can be uninstalled in a traditional way if the user has saved the original application files for installation, the matter of uninstalling the version of the browser that has shipped with an operating system remains a controversial one.
The idea of removing a stock install of Internet Explorer from a Windows system was proposed during the United States v. Microsoft Corp. case. One of Microsoft's arguments during the trial was that removing Internet Explorer from Windows may result in system instability. Indeed, programs that depend on libraries installed by IE, including Windows help and support system, fail to function without IE. Before Windows Vista, it was not possible to run Windows Update without IE because the service used ActiveX technology, which no other web browser supports.
Impersonation by malware[edit]
The popularity of Internet Explorer has led to the appearance of malware abusing its name. On January 28, 2011, a fake Internet Explorer browser calling itself 'Internet Explorer – Emergency Mode' appeared. It closely resembles the real Internet Explorer, but has fewer buttons and no search bar. If a user attempts to launch any other browser such as Google Chrome, Mozilla Firefox, Opera, Safari or the real Internet Explorer, this browser will be loaded instead. It also displays a fake error message, claiming that the computer is infected with malware and Internet Explorer has entered 'Emergency Mode'. It blocks access to legitimate sites such as Google if the user tries to access them.[100][101]
See also[edit]
Notes[edit]
- ^Since version 10
- ^In version 6 and earlier
- ^In versions 7, 8, and 9
References[edit]
- ^'Cumulative security update for Internet Explorer: October 3, 2019'. Support (18 ed.). Microsoft. October 3, 2019.
- ^'Internet Explorer 10 for Windows 7 released in 95 languages – Microsoft Language Portal Blog'. blogs.technet.microsoft.com.
- ^'Microsoft Pre-Release Software License Terms: Internet Explorer 11 Developer Preview'. microsoft.com. Microsoft. Retrieved July 27, 2013.
- ^ abc'Frequently Asked Questions'. Microsoft Edge Development. Microsoft. Archived from the original on July 16, 2016.
The latest features and platform updates will only be available in Microsoft Edge. We will continue to deliver security updates to Internet Explorer 11 through its supported lifespan. To ensure consistent behavior across Windows versions, we will evaluate Internet Explorer 11 bugs for servicing on a case by case basis.
- ^'Microsoft's Internet Explorer losing browser share'. BBC News.
- ^'Desktop Browser Market Share Worldwide | StatCounter Global Stats'. StatCounter Global Stats. Retrieved September 6, 2019.
- ^'Market share for mobile, browsers, operating systems and search engines | NetMarketShare'. netmarketshare.com. Retrieved May 2, 2019.
- ^'Victor: Software empire pays high price'. CNET News. Retrieved October 17, 2008.
- ^'The rise, fall, and rehabilitation of Internet Explorer'. citeworld.com. Retrieved February 6, 2015.
- ^Paul Maritz. 'U.S. Antitrust Case 98-1232'. justice.gov. Retrieved February 6, 2015.
There is talk about how we get more $'s from the 1000+ people we have working on browser related stuff...
- ^'Microsoft Update Catalog'. www.catalog.update.microsoft.com. Retrieved March 13, 2019.
- ^'Microsoft Update Catalog'. www.catalog.update.microsoft.com. Retrieved March 13, 2019.
- ^'Cumulative security update for Internet Explorer: June 12, 2018: Applies to: Internet Explorer 11, Internet Explorer 10, Internet Explorer 9'. support.microsoft.com. Retrieved July 12, 2018.
- ^'Microsoft is killing off the Internet Explorer brand'. The Verge. Vox Media. March 17, 2015. Retrieved March 18, 2015.
- ^'What's new in the Windows Server 2019 Insider Preview Builds'. docs.microsoft.com.
- ^'Search product lifecycle'. support.microsoft.com. Retrieved September 21, 2019.
- ^'What is the Microsoft Lifecycle Support policy for Internet Explorer?'. March 31, 2016.
Compared with older versions of Internet Explorer, Internet Explorer 11 offers improved security
- ^'Stay up-to-date with Internet Explorer'. Microsofts's MSDN blog. August 7, 2014. Retrieved August 29, 2014.
- ^'Internet Explorer Support Lifecycle Policy FAQ'. Retrieved March 18, 2015.
- ^'Internet Explorer'. Rotten Websites Wiki. Retrieved August 12, 2018.
- ^'Thomas Reardon, 34'. MIT Technology Review. Retrieved January 18, 2015.
- ^ abElstrom, Peter (January 22, 1997). 'Microsoft's $8 Million Goodbye to Spyglass'. Businessweek. Bloomberg L.P. Archived from the original on June 29, 1997. Retrieved February 9, 2011.
- ^ abThurrott, Paul (January 22, 1997). 'Microsoft and Spyglass kiss and make up'. Windows IT Pro. Penton. Archived from the original on September 19, 2012. Retrieved February 9, 2011.
- ^ ab'Memoirs From the Browser Wars'. Ericsink.com. Retrieved October 17, 2008.
- ^The History of Internet Explorer at the Wayback Machine (archived 2005-10-01)
- ^Borland, John (April 15, 2003). 'Software empire pays high price'. CNET News. CBS Interactive. Retrieved February 9, 2011.
- ^Thurrott, Paul (January 22, 1997). 'Microsoft and Spyglass kiss and make up'. WindowsITPro. Archived from the original on September 19, 2012. Retrieved February 9, 2011.
- ^Goodwins, Rupert (August 15, 1996). 'Microsoft sued by minnow over Internet Explorer name'. ZDNet. Archived from the original on December 5, 2011. Retrieved April 20, 2019.
- ^ abThurrott, Paul (July 25, 2013). 'Internet Explorer 11 Developer Preview for Windows 7'. Paul Thurrott's SuperSite for Windows. Penton. Retrieved July 26, 2013.
- ^'What's new in F12 Tools (Preliminary)'. MSDN. Microsoft. June 26, 2013. Retrieved July 13, 2013.
- ^'High DPI support (Preliminary)'. MSDN. Microsoft. July 25, 2013. Retrieved July 26, 2013.
- ^'Prerender and prefetch support (Preliminary)'. MSDN. Microsoft. July 25, 2013. Retrieved July 26, 2013.
- ^Bradley, Tony (July 26, 2013). 'Why Internet Explorer 11 is the right browser for business'. PC World. IDG. Retrieved July 27, 2013.
- ^ abBrinkmann, Martin (July 25, 2013). 'The Internet Explorer 11 Preview for Windows 7 is now available'. Ghacks.net. ghacks Technology News. Retrieved July 27, 2013.
- ^'Latest Windows 8.1 build beefs up IE developer tools'. CNET. CBS Interactive. Retrieved May 29, 2013.
- ^'Microsoft teases Internet Explorer 11 WebGL support on Vine'. The Verge. Retrieved May 29, 2013.
- ^'WebGL (Preliminary)'. MSDN. Microsoft. July 25, 2013. Retrieved July 26, 2013.
- ^Lardinois, Frederic (June 26, 2013). 'Microsoft Confirms IE11 Will Support Google's SPDY Protocol'. TechCrunch. Aol. Retrieved September 10, 2013.
- ^Williams, Mike (July 26, 2013). 'Internet Explorer 11 Developer Preview now available for Windows 7'. BetaNews. BetaNews, Inc. Retrieved July 27, 2013.
- ^'IE11 for Windows 7 Globally Available for Consumers and Businesses'. Retrieved November 8, 2013.
- ^'WebKit SunSpider JavaScript Benchmark Results'. ie.microsoft.com. Retrieved October 23, 2013.
- ^'Bringing Internet Explorer 11 to Windows Server 2012 and Windows Embedded 8 Standard'. January 28, 2019. Retrieved March 26, 2019.
- ^Weber, Jason (January 21, 2015). 'Spartan and the Windows 10 January Preview Build'. IEBlog. Microsoft.
- ^Rossi, Jacob (November 11, 2014). 'Living on the Edge – our next step in helping the web just work'. IEBlog. Microsoft.
- ^Warren, Tom (January 27, 2015). 'Microsoft reveals its Internet Explorer successor will support extensions'. The Verge. Vox Media.
- ^Brian wilson. 'Netscape Navigator — Browser History: Netscape explains that by the fourth generations of both browsers, Internet Explorer had caught up technologically with Netscape's browser ... Netscape 6.0 was considered slow and buggy, and adoption was slow to occur'. blooberry.com. Retrieved September 26, 2010.
- ^'Internet Explorer 8 Beta 1 Whitepapers'. MSDN. Retrieved March 11, 2008.
- ^Hopkins, James. 'IE8 Bugs'. Archived from the original on August 1, 2009.
- ^'Summary results of W3C test suite on multiple browsers, different versions and browser plugins'. Retrieved April 15, 2011.
- ^Svensson, Peter (September 10, 2008). 'Creator of Web spots a flaw in Internet Explorer'. msnbc.msn.com. Archived from the original on December 19, 2008. Retrieved November 16, 2008.
- ^https://www.xul.fr/en/html5/innerhtml.php
- ^Schiller, Jeff. 'SVG Support Tables'. codedread.com. Retrieved April 20, 2019.
- ^'Filter Tool (WebFX)'. webfx.eae.net. May 12, 2005.
- ^'Using Script Encoder'. Microsoft Docs. Microsoft. October 24, 2011. Retrieved April 20, 2019.
- ^'Font Embedding for the Web'. Microsoft Typography. Microsoft. February 26, 2001. Archived from the original on April 28, 2005. Retrieved April 20, 2019.
- ^'How to Add a Shortcut Icon to a Web Page'. MSDN. Microsoft. Archived from the original on December 17, 2008. Retrieved April 20, 2019.
- ^Davis, Jeff (December 27, 2007). 'why doesn't the favicon for my site appear in IE7?'. jeffdav on code. Retrieved March 11, 2013.
- ^'Fun with Favicons'. Microsoft Developer Network. Microsoft. September 7, 2013. Retrieved April 20, 2019.
- ^Windows Core Networking Team (August 4, 2006). 'A bit about WinInet's Index.dat'. Microsoft Developer Network. Microsoft. Archived from the original on January 12, 2008. Retrieved April 20, 2019.
- ^'Internet Explorer 9 Network Performance Improvements'. Microsoft Developer Network. Microsoft. March 17, 2011. Retrieved April 20, 2019.
- ^ abcdef'Internet Explorer Architecture'. MSDN. Retrieved January 10, 2007.
- ^Wilson, Chris. 'Inside IE8 Beta 1 for Developers'. MSDN Channel9. Retrieved March 7, 2008.
- ^Zeigler, Andy (March 11, 2008). 'IE8 and Loosely Coupled IE'. Microsoft Developer Network. Microsoft. Retrieved April 20, 2019.
- ^ abMcSherry, Tony (January 20, 2013). 'A look at Internet Explorer 10 on Windows RT'. TechRepublic. CBS Interactive.
- ^'Security risk detected in Internet Explorer software'. Belfast Telegraph. December 16, 2008.
- ^'Serious security flaw found in IE'. BBC News. December 16, 2008. Retrieved May 5, 2010.
- ^Goodin, Dan (December 9, 2011). 'Chrome is the most secured browser – new study'. The Register. Retrieved October 15, 2012.
- ^'Accuvant Study Finds Chrome is Most Secure Browser'. eSecurity Planet. December 13, 2011. Retrieved May 22, 2012.
- ^'Browser Security White Paper'(PDF). X41-Dsec GmbH. September 18, 2017. Retrieved September 21, 2017.
- ^Seltzer, Larry (April 14, 2005). 'The Lame Blame of ActiveX'. Security—Opinions. eWeek. Retrieved April 7, 2006.
- ^Lemos, Robert (July 31, 2006). 'ActiveX security faces storm before calm'. Security Focus. Retrieved July 11, 2009.
- ^'Secunia 2008 Report'(PDF). Secunia.
- ^Goodin, Dan (November 1, 2010). 'Internet Explorer info leak festers for 2 years'. The Register. San Francisco. Retrieved November 2, 2010.
- ^Naraine, Ryan (November 1, 2010). 'Two-year-old data leakage flaw still haunts Internet Explorer'. ZDNet. CBS Interactive. Retrieved November 2, 2010.
- ^'Researchers bypass Internet Explorer Protected Mode'. December 3, 2010. Retrieved December 4, 2010.
- ^'Browser Market Share Worldwide - July 2017'. Statcounter. July 2017. Retrieved August 2, 2017.
- ^Mills, Elinor (January 14, 2010). 'New IE hole exploited in attacks on U.S. firms'. CNET News. CBS Interactive. Retrieved September 26, 2010.
- ^Emery, Daniel (January 16, 2010). 'Germany issues Explorer warning'. BBC News. Retrieved March 26, 2010.
- ^Fildes, Jonathan (January 18, 2010). 'France in fresh Explorer warning'. BBC News. Retrieved March 26, 2010.
- ^Emily Bourke for AM (January 19, 2010). 'Govt issues IE security warning'. abc.net.au. Retrieved September 26, 2010.
- ^Martinez-Cabrera, Alejandro (January 18, 2010). 'The Technology Chronicles : France and Germany warn users not to use Internet Explorer'. The San Francisco Chronicle.
- ^Govan, Fiona (January 18, 2010). 'Germany warns against using Microsoft Internet Explorer'. The Daily Telegraph. London. Retrieved March 26, 2010.
- ^'CVE-2014-1776'. Common Vulnerabilities and Exposures (CVE). January 29, 2014. Retrieved May 16, 2017.
- ^'Microsoft Security Advisory 2963983'. Microsoft. April 26, 2014. Retrieved April 28, 2014.
- ^Finkle, Jim (April 28, 2014). 'U.S., UK advise avoiding Internet Explorer until bug fixed'. Reuters. Retrieved April 28, 2014.
- ^'Microsoft Internet Explorer Use-After-Free Vulnerability Guidance'. United States Computer Emergency Readiness Team. April 28, 2014. Retrieved April 28, 2014.
- ^'Vulnerability Note VU#222929 – Microsoft Internet Explorer use-after-free vulnerability'. Carnegie Mellon University. April 27, 2014. Retrieved April 28, 2014.
- ^'U.S.: Stop using Internet Explorer until security holes are fixed'. Chicago Tribune. April 28, 2014. Retrieved April 28, 2014.
- ^'Microsoft warns of Internet Explorer flaw'. BBC. April 28, 2014. Retrieved April 28, 2014.
- ^'Microsoft Security Bulletin MS14-021 – Critical Security Update for Internet Explorer (2965111)'. Microsoft Technet. May 1, 2014. Retrieved July 6, 2014.
- ^'Market share for browsers, operating systems and search engines'. marketshare.hitslink.com.
- ^'Market share for browsers, operating systems and search engines'. marketshare.hitslink.com. Retrieved February 9, 2011.
- ^Borland, John. Browser wars: High price, huge rewards, ZDNet, April 15, 2003. Accessed June 2, 2012.
- ^'TheCounter.com: The Full-Featured Web Counter with Graphic Reports and Detailed Information'. Thecounter.com. Archived from the original on October 3, 2008. Retrieved October 17, 2008.
- ^'TheCounter.com: The Full-Featured Web Counter with Graphic Reports and Detailed Information'. Thecounter.com. Archived from the original on October 2, 2008. Retrieved October 17, 2008.
- ^'CNN — Behind the numbers: Browser market share — October 8, 1998'. Cnn.com. Archived from the original on August 16, 2000. Retrieved October 17, 2008.
- ^'Web Analytics | Online Business Optimization by Omniture'. Omniture.com. Archived from the original on April 20, 2008. Retrieved October 17, 2008.
- ^Goldman, David (October 6, 2010). 'Internet Explorer usage falls below 50%'. CNN. Retrieved October 6, 2010.
- ^'Google Chrome Overtakes Internet Explorer'. PCWorld. May 21, 2012. Retrieved January 19, 2019.
- ^'IE Emergency Mode'. im-infected.com. January 28, 2011. Archived from the original on June 30, 2011. Retrieved June 23, 2013.
- ^'Bleeping Computer – Fake IE Emergency Mode (by fake AVG)'. January 28, 2011. Retrieved June 23, 2013.
Further reading[edit]
- 'Index DOT Html and Index DOT Css'. Browser History: Windows Internet Explorer. Retrieved December 22, 2013.
- Hachamovitch, Dean (July 27, 2005). 'Windows Vista & IE7 Beta 1 Available'. IEBlog. Microsoft. Retrieved December 22, 2013.
- Wilson, Chris (July 30, 2005). 'Standards and CSS in IE'. IEBlog. Microsoft. Retrieved December 22, 2013.
- Graff, Scott (October 7, 2006). 'IE7 Is Coming This Month'. IEBlog. Microsoft. Retrieved December 22, 2013.
- 'IE7 Platforms And Outlook Express'. IEBlog. Microsoft. March 1, 2005. Retrieved December 22, 2013.
- 'Gates Highlights Progress on Security, Outlines Next Steps for Continued Innovation'. News Center. Microsoft. February 15, 2005. Retrieved December 22, 2013.
- Williams, Mary-Lynne; MacNeil, Leslie; Hall, Marty (September 17, 2010). Hachamovitch, Dean (ed.). 'User Experiences: Evolving the blue 'e''. IEBlog. Microsoft. Retrieved December 22, 2013.
External links[edit]
| Wikimedia Commons has media related to Internet Explorer. |
| Wikinews has related news: France, Germany officials warn against using Internet Explorer |
| Wikibooks has a book on the topic of: Internet Explorer |
- Official website