 |  |  |  |  |  |  |  |
Microsoft announces host of new Internet Explorer 8 security features
According to the official Microsoft Developer Network IEBlog Internet Explorer 8 will come packed with a whole host of new security features. These will include the SmartScreen Filter which replaces the Phishing Filter in current versions of the browser. Eric Lawrence, Program Manager for Internet Explorer Security says that this will be "a replacement that improves upon the Phishing Filter in a number of important ways" which include:
There is also going to be better cross-site scripting (XSS) defenses courtesy of IE8 blocking the most common form of XSS attack, the reflection attacks. The IE8 XSS Filter is a heuristic-based mitigation that sanitizes injected scripts, preventing execution. Lawrence says "XSS Filter provides good protection against exploits, but because this feature is only available in IE8, it’s important that web developers provide additional defense-in-depth and work to eliminate XSS vulnerabilities in their sites."
David Ross, a security software engineer working on IE8 adds that "The XSS Filter operates as an IE8 component with visibility into all requests / responses flowing through the browser. When the filter discovers likely XSS in a cross-site request, it identifies and neuters the attack if it is replayed in the server’s response. Users are not presented with questions they are unable to answer – IE simply blocks the malicious script from executing."
- Improved user interface
- Faster performance
- New heuristics & enhanced telemetry
- Anti-Malware support
- Improved Group Policy support
There is also going to be better cross-site scripting (XSS) defenses courtesy of IE8 blocking the most common form of XSS attack, the reflection attacks. The IE8 XSS Filter is a heuristic-based mitigation that sanitizes injected scripts, preventing execution. Lawrence says "XSS Filter provides good protection against exploits, but because this feature is only available in IE8, it’s important that web developers provide additional defense-in-depth and work to eliminate XSS vulnerabilities in their sites."
David Ross, a security software engineer working on IE8 adds that "The XSS Filter operates as an IE8 component with visibility into all requests / responses flowing through the browser. When the filter discovers likely XSS in a cross-site request, it identifies and neuters the attack if it is replayed in the server’s response. Users are not presented with questions they are unable to answer – IE simply blocks the malicious script from executing."
Similar Threads
- Internet Explorer Security Pro v8.0.1.1 (Windows Software)
- how to edit microsoft pocket internet explorer security settings? (Web Browsers)
- Microsoft Internet Explorer pop up (Windows NT / 2000 / XP)
- News Story: Microsoft Announces Security Bulletins, Appoints New COO (Upcoming News Stories)
- New Security and Internet Explorer moderator (DaniWeb Community Feedback)
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Web Browsers Posts
- Today's Posts
- Unanswered Threads
advertising age amd android apple avatar ballmer bluegene botnet browser business cellphone china chips crime data database development dos downloads economy email energy enterprise europe facebook firefox games gaming google hacker hacking hardware ibm ibm.news ie8 intel intelibm internet internetexplorer iphone ipod itunes law legal linux mac malware marketing medicine memory microsoft mobile mozilla music news nintendo novell office openoffice opensource os pc porn privacy ps3 recession redhat research russia search security sex socialnetworking software sony spam sun supercomputer supercomputing survey technology trends trojan twitter ubuntu uk video virus vista web wii windows windows7 working x86 xbox xp yahoo youtube