Sleep easier at night with Internet Explorer 7
Published: July 15, 2006
Summary:The upcoming version of Internet Explorer 7 offers IT managers enhanced security features along with enhanced browser functionality.
One of the most-asked questions of IT managers is: What keeps you up at night? The answer is almost always security.
The upcoming version of Internet Explorer 7 offers IT managers enhanced security features along with enhanced browser functionality that end-users will be sure to safely enjoy.
Microsoft focused on three core areas for security when designing Internet Explorer 7, including improved defense against malware, further protection against data theft from fraudulent Web sites and full control over extensibility.
Internet Explorer 7 will be available in two versions: a standalone version that runs on Windows XP SP2, Windows XP Professional x64 Edition and Windows Server 2003 SP1 and an enhanced version that will be built into the upcoming Windows Vista that will take advantage of the new functionalities of the Windows Vista-based platform.
On This Page
Specific Security Features of Internet Explorer 7
"As long as malicious hackers exist, there will always be the opportunity for online threats, but Microsoft is committed to improving security for all users," says Elliott Katz, Project Manager for Windows. "Internet Explorer 7 offers dynamic security protection to its users, ultimately affording IT managers time to worry about something else.”
Internet Explorer 7 offers peace of mind to IT managers through its 10 dynamic security protection features:
1. | ActiveX Opt-in disables nearly all pre-installed controls of ActiveX to help prevent potentially vulnerable controls from being exposed to attack |
2. | Security Status Bar enhances user awareness of Web site security and privacy settings by displaying colour-coded notifications next to the address bar |
3. | Phishing Filter uses a combination of machine-learning heuristics, client-side scanning for suspicious characteristics and an opt-in online service that utilizes dynamic industry-based reputation services to proactively warn about - and help protect against - potential or known fraudulent sites and blocks the sites if appropriate |
4. | Cross-Domain Barriers limit script on Web pages from interacting with content from other domains or windows to help protect against malware by limiting the potential for malicious Web sites to manipulate flaws in other Web sites or cause users to download undesired content or software |
5. | Delete Browsing History allows users to clean up cached pages, passwords, form data, cookies and history all from a single window |
6. | Address Protection Bar ensures that every window, including pop-up pages, will display an address bar to the user, which helps to block malicious sites from emulating trusted sites |
7. | International Domain Name Anti-spoofing will notify users when visually similar characters in a URL are not expressed in the same language to help protect users against visiting sites that would otherwise appear as a trustworthy site |
8. | Secure Handling of URLs Embedded in Web Pages has been improved. Rewriting certain sections of the code has helped to drastically reduce the internal attack surface of Internet Explorer 7 and helps protect users from malformed embedded URLs that contain odd or excessive characters intended on executing malicious code |
9. | Add-ons Disabled Mode helps troubleshoot difficulties launching Internet Explorer 7 or reaching specific Web sites by allowing only critical system add-ons to be enabled |
Windows Vista Provides More Control
Running Internet Explorer 7 on Windows Vista when it becomes available will provide IT managers with visibility into the way employees use the Internet, allowing them to take more active control over the way employees conduct business while online.
| • | Protected Mode ensures Internet Explorer 7 runs in isolation from other applications in the operating system and is designed to defend against 'elevation of privilege' attacks. In Protected Mode, Internet Explorer 7 in Windows Vista is completely unable to modify user or system files and settings. Any scripted actions or automatic processes will be prevented from downloading data or affecting the system. Without explicit user consent, exploits and malicious software are confined to writing within the temporary Internet files |
Built-in Management Tools and Support
Internet Explorer 7 is backed with a strong quality control system that includes an in-house team dedicated to sustaining engineering. In addition, the Microsoft Security Response Center (MSRC) was created to provide rapid response to Internet security threats 24 hours a day, seven days a week.
How Do You Measure Browser Security?
Security is an industry-wide issue, one that there is no easy solution. Unfortunately the data shows that no browser is free of vulnerabilities and any broadly accepted browser will be attacked. Therefore IT managers need to carefully evaluate critical considerations such as manageability, serviceability and extensibility, as well as exploitability, when evaluating browser security. On a comprehensive scale of factors, Internet Explorer 7 delivers across the board.
A well-rounded approach to browser security can help decrease the time required by IT managers to maintain network security. Time saved in this area can be dedicated to other IT related issues and decrease the manpower necessary for a midsized business to remain connected to the Internet.
