I am scalp-scratching about Internet Explorer 7: It's still refusing to work with the Windows Live Spaces photo upload tool. I'm the blogger for MSN's Technology Filter (http://technologyfilter.spaces.live.com/) gadget geek blog, and the photo upload tool is a mite important to us. It's also an ActiveX control. IE not handling a Microsoft-generated ActiveX control is ridiculous. And it's also a potential dark cloud for businesses that rely on real-life, running-today, don't-care-about-Web-2.0 Web applications. Those apps still tend to rely rather heavily on ActiveX. If ActiveX is on its way out in IE7, then businesses relying on such apps will need to readjust their migration schedules to compensate. After all, this stuff is supposed to be shrink-ready in a matter of weeks.

Fortunately, Java seems to work fine (http://weblog.infoworld.com/tcdaily/archives/2006/10/sun_java_runs_g.html) -- contrary to some rumors. Sun's current Java runtime environment installed with no hiccups as an add-on to IE7, and I had no problems running Trend Micro's Web-based free virus scan application, which runs as a Java applet. It takes quite a while to install the environment, but the Java stuff seemed to work without troubles. The scanning and security files that Trend Micro tried to send did a fast face plant, however.

Which brings us to full-blown security under Vista. Under RC2, I still couldn't install ClamWIN, Symantec, Trend Micro's PC-Cillin, or ZoneAlarm. Microsoft's new and improved Windows Firewall means I really don't care so much about that. But the malware detection portion is a big concern, so one thing I wasn't doing a lot under RC2 for a week was fringe Web surfing: no music sites, no semi-clad recreational sites, and I stayed well away from Mark Foley's (http://en.wikipedia.org/wiki/Mark_Foley_scandal) re-election site. I was also cautious about e-mail, shunting my main spam account into a separate e-mail client altogether.

What's bugging me here is that Microsoft only released the needed APIs to third-party security vendors (http://www.infoworld.com/article/06/10/16/HNmsvistacode_1.html) earlier this week. That's little folks like McAfee, Symantec, Sophos, and Trend Micro. If this OS is going shrink in eight weeks is that enough time for these vendors to release working security upgrades? And if not, am I just supposed to rely on Microsoft's anti-virus and anti-malware tools until then? And what happens to businesses running corporate versions of third-party anti-virus software? Microsoft is going to answer me these questions in the next few days, so look for an update on my SMB IT blog.

Meantime, I'm out of room. I'll finish this up in next week's column where I'll talk about running Vista's new bundled Office-type tools, its new accessibility features and some of the organizational changes Microsoft has made to the UI. Teaser: You're going to be training the slower users in your life no matter what Microsoft says about intuitive design.