Internet Explorer dynamic security protection

This feature is included in the following editions of Windows Vista:

  • Home Basic

  • Home Premium

  • Business

  • Ultimate


Internet Explorer 7 offers multiple, interrelated security features to help defend your PC against malware (malicious code or unwanted software, including worms, viruses, adware, and spyware). Among the browser's dynamic security protections are safeguards to help make sure your personal information doesn’t fall into the hands of fraudulent or deceptive websites.

Together with Windows Defender, the security built into Internet Explorer 7 helps serve two primary security objectives:

  • Protection against malware

  • Personal data safeguards

Protection against malware

Malware, short for malicious software, refers to software applications designed to damage or disrupt a user’s system. Internet Explorer 7 reduces the potential for hackers to harm a system by limiting the amount of damage that can be done if malware is able to find its way onto a user's system. In addition, Internet Explorer 7 includes several technical features designed to thwart hackers' efforts to trick you into entering personal data when you should not. Core parts of the browser's architecture have also been fortified to better defend against exploitation and improve the way the browser handles data.

Protected Mode

Protected Mode provides a level of security and data protection for Windows users. Designed to defend against "elevation of privilege" attacks, Protected Mode allows you to have a safe Internet browsing experience while helping prevent hackers from taking over the system and installing programs or deleting your information.

In Protected Mode, Internet Explorer 7 in Windows Vista cannot modify user or system files and settings without user consent. Protected Mode requires the user to confirm any activity that tries to put something on your machine or start another program. By ensuring the user consents to these kinds of actions, the likelihood of automated and/or unwanted software installation is reduced. This feature also makes you aware of what a website is trying to do, giving you a chance to stop it and take time to double check the trustworthiness of the website.

ActiveX Opt-In

Internet Explorer offers web developers the ActiveX platform as a mechanism to extend browser capabilities and online experiences. Some malicious developers have co-opted the platform to write harmful applications that steal information and damage computers. Internet Explorer 7 offers a security mechanism for the ActiveX platform.

ActiveX Opt-In automatically disables all but a small set of well-known, pre-approved controls, which helps reduce the potential for abuse or attack. Now, if a website tries to use an ActiveX control you haven’t used before, Internet Explorer 7 will display a notice in the Information Bar. This notification mechanism enables you to permit or deny access when viewing unfamiliar websites. For websites that attempt automated attacks, ActiveX Opt-In protects you by preventing unwanted access and giving the user total control. If you want to enable an ActiveX control for loading, you just click the Information Bar.

Fix My Settings

Internet Explorer 7 includes Fix My Settings, a feature to alert you when you might be browsing with unsafe settings. The feature reminds you about the unsafe settings with a warning displayed in the Information Bar as long as your settings remain unsafe. You can reset the security settings to the Medium-High default level by clicking the Fix My Settings option in the Information Bar. If you close your browser and it reopens with unsafe settings, you will see a notification page reminding you to correct the setting before you can visit any websites.

Fix My Settings interface.

Advanced Protection against spyware with Windows Defender

Windows Defender helps prevent malware from entering the computer via piggyback download, a common mechanism by which spyware is distributed and installed silently along with other applications. For more information, see Windows Defender.

Personal data safeguards

Internet Explorer 7 offers a range of solutions to help protect you from malicious websites and confusing URLs. The Security Status Bar, located next to the Address Bar, helps you differentiate authentic websites from suspicious or malicious ones. One way it does this is by enhancing your access to digital certificate information that helps validate the trustworthiness of e-commerce websites. Internet Explorer 7 also provides a file cleanup utility that deletes the browsing history to aid with the protection of privacy and passwords.

Phishing Filter

Phishing is the technique of convincing a user to send personal information to a bogus (or potentially malicious) website that is designed to appear legitimate. The Phishing Filter in Internet Explorer 7 combines a local (client side) system scanning for suspicious website characteristics with an online service. For more information see Microsoft Phishing Filter in Internet Explorer.

Delete Browsing History

Internet Explorer 7 provides a Delete Browsing History option for one-click cleanup so you can erase all personal information stored in the browser. Delete Browsing History provides a simple mechanism to quickly erase information and eliminate any concern about data privacy on other systems.

Parental Controls

Internet Explorer 7 in Windows Vista works with the Parental Controls that enable parents to establish filter controls for a range of settings, including controls for objectionable content or for defining a specific set of acceptable websites to browse.

Internet Explorer 7 in Windows Vista works directly with the Parental Controls service to provide easy access to logging information and a single interface for managing settings. The Parental Controls service can also be set to block file downloads, offering another way to prevent malware from getting on a system. For more information see Parental Controls.

Security Status Bar

The Security Status Bar in Internet Explorer 7 displays a padlock icon prominently in the lower right corner of the browser window to designate the trust and security level of a given website.

You can also view a website's digital certificate information by clicking on the icon. Digital certificates, issued by recognized entities known as certification authorities, serve two functions: 1) they provide third-party validation of the authenticity or trustworthiness of a business or website, and 2) they provide cryptographic encryption of data communications to keep information safer and more secure as it is passed between the website and browser. To give you a visual cue to recognize questionable websites, the padlock icon appears on a red background if Internet Explorer 7 detects any irregularities in the site's certificate information.

The Security Status Bar also supports new Extended Validation (EV) certificates that offer stronger identification of secure sites such as banking sites. Sites using EV SSL certificates have undergone a comprehensive verification to ensure their identity is that of the real business entity. When viewing a site secured with an EV SSL, you will now be able to view that identity information and verify the information is what you expect to see. Internet Explorer 7 highlights these validated sites with a green-shaded address bar and prominently displays the associated business or entity name.

URL-display protections

Hackers commonly attempt to mislead users into thinking they are looking at information from a known and trusted source. The ability to hide true Address Bar information and domain names from users has long been a valuable hacking tool. Internet Explorer 7 contains two visual tools to help you see the true Address Bar information and domain names: an Address Bar in every window and Internationalized Domain Name (IDN) support.

  • Address Bar in every window. With Internet Explorer 7, all browser windows require an Address Bar. Because hackers often use pop-up windows to display misleading graphics and data to convince users to download or install malware, the requirement of a read-only Address Bar in each window helps ensure that you’ll be able to learn more about the true source of the information you’re seeing.

Multiple-language display.

  • IDN display protections. Another technique used by malicious websites has been to include international characters in the Address Bar for phishing attacks and as a way to hide the true website domain name. The problem is based in similarities among many international alphabets: characters in certain languages (for example, the letter a in English) can resemble entirely different characters in other languages (for example, the letter а in Cyrillic). As a result, an individual with malicious intent might register a domain name similar to a legitimate one to fool users into submitting their content to a false site.
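
The look-alike character problem described above can be checked for mechanically. The following is an added example, not code from Internet Explorer 7 or from this page: it flags any hostname label whose letters come from more than one writing system and, for those, chooses the ASCII ("xn--") form for display. The function names, the script list and the display policy are assumptions made for illustration.

```javascript
// Added example: flag hostname labels that mix writing systems.
// The policy (mixed-script label => show the ASCII form) is an assumption
// for illustration, not Internet Explorer 7's algorithm.

// Scripts checked here; digits and hyphens are script-neutral and ignored.
const SCRIPTS = {
  Latin: /\p{Script=Latin}/u,
  Cyrillic: /\p{Script=Cyrillic}/u,
  Greek: /\p{Script=Greek}/u,
  Armenian: /\p{Script=Armenian}/u,
};

// Return the sorted list of script names used by the letters of one label.
function scriptsInLabel(label) {
  const found = new Set();
  for (const ch of label) {
    for (const [name, re] of Object.entries(SCRIPTS)) {
      if (re.test(ch)) found.add(name);
    }
  }
  return [...found].sort();
}

// Classify a hostname and choose what an address bar should display.
function assessHostname(hostname) {
  // The WHATWG URL parser converts Unicode labels to their "xn--" form.
  const ascii = new URL("http://" + hostname).hostname;
  const labels = hostname.normalize("NFC").toLowerCase().split(".");
  const mixedLabels = labels
    .map((label) => ({ label, scripts: scriptsInLabel(label) }))
    .filter((entry) => entry.scripts.length > 1);
  const suspicious = mixedLabels.length > 0;
  // A label written entirely in one script passes this check unchanged.
  return { ascii, suspicious, mixedLabels, display: suspicious ? ascii : hostname };
}

// Constructed samples: the second swaps Latin "a" for Cyrillic U+0430,
// the third is written entirely in Cyrillic.
const SAMPLES = [
  "example.com",
  "ex\u0430mple.com",
  "\u043f\u0440\u0438\u043c\u0435\u0440.com",
];
for (const host of SAMPLES) {
  const r = assessHostname(host);
  console.log(r.display, r.suspicious, JSON.stringify(r.mixedLabels));
}
```
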
