Tag Archives: coming

Tech

Sneak Peek: New features coming to Internet Explorer

Leave a comment

Microsoft’s new Developer Channel offers glimpse into upcoming features of IE.
Microsoft recently released a “Developer Channel” edition of Internet Explorer, launching a new way in which upcoming features will be previewed, and laying the groundwork for a business strategy focusing on web services. Here’s what you need to know about the future of Internet Explorer.

Developer Channel version offers sneak peek at new features
Though it’s available for the public to freely download and install, Internet Explorer Developer Channel is not meant for everyday use, whether business or casual. As its label implies, IE DC is primarily geared toward developers with which to play around. But anyone can try out the browser to see what new features are being worked on by the IE development team.

No more betas
Instead of releasing betas, the IE development team will update IE DC with the latest features, fixes and optimizations. Throughout this process, you’ll be able to keep up with the work-in-progress of IE by downloading the most current release of IE DC. When the IE team determines this code is ready for public consumption, it will then be rolled out as the next version of IE.

Compatibility is limited to Win 7/8.1
IE DC is available for Windows 7 and Windows 8.1 only. Either OS also must have Internet Explorer 11 installed on it. You should probably also ensure your Windows 7 or Windows 8.1 system has the latest official updates for the OS installed, as recommended by Windows Update, prior to installing IE DC.

Caveats
IE DC runs within a virtualization system, which keeps the browser in a “sandbox” operating separately from the rest of your Windows environment. This is for reasons of security. The consequences are that IE DC cannot share add-ons or settings that you already have in place with your installation of IE 11; IE DC may run slower than IE 11; and it cannot be used as the default browser.

Tracking features in development
The IE development team set up a web page where you can follow the latest features they’re working on to possibly add to future versions of IE. It also lists features that are already in the most recent final releases of the browser, and ones they are considering, but not officially developing yet. You can easily set this list to show only features that are in development, under consideration, under which version number of IE they first appeared, or their interoperability with the other major web browsers.

New features in IE DC
As of this writing, release of IE DC includes only a few new technologies being actively worked on. Two are interesting for the average user: GamePad and WebGL Instancing. They obviously tell that the IE development team is expanding the capabilities of the browser for gaming. (WebGL Instancing utilizes a system’s GPU, graphics processing unit, to more efficiently draw copies of an object without hitting up the system CPU for this task.) These technologies could alternately be integral for less leisurely pursuits, like using a controller to interact with a productivity web app.

Features in development
Other technologies listed as “In Development” (which also means they are not yet implemented into the actual IE DC browser) include Media Capture and Streams, and Web Audio. The first indicates a web app in IE would be able to access audio or video from your computer’s or device’s mic or webcam. Web Audio would enable a web app to produce audio through JavaScript.

Features that are being considered
Listed as “Under Consideration” are features that point to granting web apps even more access to control or receive feedback from the hardware of a computer or device (Ambient Light Events, Battery Status, Vibration). Web apps could also be allowed to encode audio or video from within the browser (MediaRecorder), incorporate speech recognition and synthesis (Web Speech), and manipulate the local files on a Windows system (Drag and Drop Directories, FileWriter).

End of numbered versions?
This new system of providing early looks at IE under a continuous development cycle could suggest Microsoft may de-emphasize version numbering. If this happens, then, as far as the general public is concerned, the upcoming 12th release of IE could be referred to by Microsoft as simply “Internet Explorer.” As for new features, IE appears to be becoming a more technologically capable browser for using with sophisticated web apps. The IE development team isn’t just looking to make a better browser; they’re aiming to make Internet Explorer a better web app platform.

 

Best Microsoft MCTS Training – Microsoft MCITP Training at Certkingdom.com

 

Microsoft, Tech

Microsoft’s MAPP reportedly hacked, RDP exploits coming sooner than expected

Microsoft’s early patch information distribution system appears to have been hacked, giving attackers a jumpstart at building a worm.

When Microsoft’s Patch Tuesday release earlier this week revealed a code execution vulnerability for Remote Desktop Protocol (RDP), we knew it wasn’t a good sign. We didn’t expect the situation to get this dangerous so quickly, however, and neither did Microsoft.
MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com
RELATED: Microsoft incites madness with March’s Patch Tuesday release

Details continue to surface surrounding the RDP exploit, including allegations that the Microsoft Active Protections Program (MAPP), which provides security vendors patch information ahead of its actual release, has been compromised. According to ZDNet blogger Ryan Naraine, several sources claim that the MAPP was breached by hackers in China. Among those making the accusations is security researcher Luigi Auriemma, whom Microsoft credited with discovering the RDP vulnerability in the first place.

RELATED: Don’t Wait on This Patch, Microsoft says

One undisclosed security researcher who spoke to Naraine says he “can say with 100% certainty that MAPP information got into the wrong hands,” a claim that Auriemma supported “with no doubt whatsoever,” Narraine wrote.

Auriemma, in a separate statement emailed to SC Magazine, offers even scarier information for those that are late in making the patch. Two early exploits have been proven to cause the infamous blue screen of death on targeted Windows XP and Server 2003 devices, Auriemma told SC Magazine.

Symantec has since confirmed reports of a Proof of Concept (PoC) for a denial of service attack through the exploit Microsoft tried to patch on Tuesday.

Hackers with access to the MAPP would be able to build and distribute attacks more quickly than their potential targets could protect themselves. Even though Microsoft, and every security researcher I spoke to, urged those running RDP to deploy the patch immediately, “if not sooner,” Microsoft researchers had initially warned in a company blog post that they “anticipate that an exploit for code execution will be developed in the next 30 days.”

Now, some may be wishing for that 30 days.

“The threat level with MS12 -020 is rising rapidly,” Lamar Bailey, director of security research and development for nCircle, says. “Over the weekend attackers will be adding malicious payloads to the exploit code Symantec found and we’ll see that in the wild by Monday, if not sooner. Within a week we’ll see multiple malicious payloads, and it will definitely become a worm.”

Meanwhile, hackers are wasting little time trying to establish a more severe threat, with this financially incentivized request for “a working exploit for CVE-2012-0002 (the new RDP hole) as a Metasploit module” posted on web developer project networking site Gun.io.

If Microsoft’s emphasis of the exploit earlier in the week didn’t grab the attention of enterprise IT, these reports will, especially with the risk level rising as quickly as it is, Bailey says. And it could make for a long St. Patrick’s Day weekend.

“Patch it now or pay later,” Bailey says. “This should be at the top of every enterprise security team’s list every day until their entire network is completely patched.”