They were embedding IE — I imagine their security concerns were well-founded. But even gmail has crappy html support, and that runs in a friggin’ browser!
MSO probably had security problems at least as large.
And if there were security issues, they needed to fix them for IE’s sake already!
I don’t remember the details of what they wrote, and wasn’t able to find it even five years ago, but I do remember that the reasons claimed just made no sense.
> MSO probably had security problems at least as large.
Down in the parser and such, no doubt about it. But it would have also lacked much of the attack surface of IE, such as, oh, ActiveX. Granted that specific example would be easy enough to disable, but that's just one mine in the whole field. They definitely should have wrestled IE into shape, but the IE team clearly wasn't taking marching orders from the Office team. Organizational dysfunction manifested in sofware.
