I spent some time looking at MSN Explorer during this period and collected a set of findings in an internal document. MSN Explorer used its own rendering layer with settings that differed from the standard IE security configuration, which created some interesting boundary conditions worth examining. The findings were shared with the relevant team and documented for follow-up.

Found during my years at Microsoft (2006–2014). These bugs were patched long ago — shared here as a historical record for learning purposes.