Boost logo

Boost :

From: Jake Voytko (jakevoytko_at_[hidden])
Date: 2007-04-07 20:43:21


Internet Explorer has had issues before with code execution
vulnerabilities in .png files, which are also built using commands
instead of dealing with images pixel-by-pixel

http://www.microsoft.com/technet/security/bulletin/MS02-066.mspx

I wouldn't at all be surprised if they are trying to cut down on
support of command-based file formats to limit the number of attack
vectors.

An explanation of IE's support of SVG:
http://wiki.svg.org/Internet_Explorer

But Adobe also offers "SVG Viewer", but will remove it from their
download page on January 1, 2009, (they cite the maturation of the
market as the reason). There is an already promising alternative
called Renesis, and with any luck, IE7 will either have support for a
SVG viewer, or will come packaged with one (there is no shortage of
people suggesting that to the IE7 team).

Jake


Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk