IE7 Bug Reopens Debate Over Protocol Handlers

closeThis post was published 12 years 2 months 6 days ago. A number of changes have been made to the site since then, so please contact me if anything is broken or seems wrong.

A bug in IE7 affecting how the browser handles URIs that launch external programs, patched today, has rekindled discussions about the responsibilities of protocol handlers. While some say the browser developers should be held responsible, others say it is a Windows problem.

From what I have read about the issue, dozens of programs are potentially vulnerable. The vulnerability is reportedly in the way Windows handles the launching of programs, not in Internet Explorer or Firefox (both of which were affected by the earlier QuickTime protocol bug). I would say that the responsibility of fixing the problem falls on Microsoft in that case, except the software giant has already stated that the problem is in the external programs (this statement came after the QuickTime bug, earlier this year).

Microsoft can’t be reasonably expected to cover all the bases when it comes to external apps, of course, but modifying individual programs creates a lot more work. Perhaps the solution is to disable external app launching altogether, though a lot of users would probably object to that. Maybe the fix should be a concerted effort between Microsoft and affected programs, with the entities working together to produce fixes in both products that will both fix the current flaw and prevent similar problems from cropping up again.


I am an avid technology and software user, in addition to being reasonably well-versed in CSS, JavaScript, HTML, PHP, Python, and (though it still scares me) Perl. Aside from my technological tendencies, I am also a theatre technician, sound designer, violinist, singer, and actor.

Leave a Reply

Your email address will not be published. Required fields are marked *

Notify me of followup comments via e-mail (or subscribe without commenting)

Comments are subject to moderation, and are licensed for display in perpetuity once posted. Learn more.