Home › News › Industry News
Microsoft tightens IE 7's security
The company has now detailed several changed in the way IE 7 will classify Web sites for security, hoping that the ultimate effect will be to reduce the likelihood that users will fall victim to malicious code. Currently, IE has four classifications for Web sites: Internet, local intranet, trusted, and restricted. The browser then uses these classifications to determine if certain functions will be allowed to execute – for example if Active X controls can run or not. For IE 7, Microsoft is working on preventing the browser from running malicious code in less restrictive security zones.
The local intranet zone is not really relevant for home users, the engineers said. Instead, a change has been made to IE 7 so that, when a PC is not on a managed corporate network, IE will treat apparent intranet sites as if they were on the Internet.
"This change effectively removes the attack surface of the intranet zone for home PC users." they wrote. They credit the change to an idea from a summer intern working at the company.
However, if a machine is running on a domain, IE 7 will automatically detect the intranet sites and revert to the intranet zone settings. Network administrators will be able to set group policies to ensure the browser runs as desired, the engineers wrote.
In the future, the Internet zone will run in what the company calls protected mode. This should help prevent the kinds of attacks that IE has been vulnerable to in the past. Another new feature, dubbed ActiveX Opt-In, will reduce potential damage from malicious Active X controls in the Internet zone.
Related Stories
User Comments (4)
Post a comment|
enasni
on December 14, 2005 7:46 AM |
I rejected a sober worm virus last night.It sent an e-mail to my mother who was just simply reading her e-mail and one of them said "Your Password", So she opened it and my computer shut down.I turned it on and it was all distorted so I hacked the viruses code and deleted it which took a lot of time.The code is unrecognizable though seeing as how it kept changing. |
|
tarun123v
on December 14, 2005 9:01 AM |
"Active X controls" This is the Main Culprit in Internet Explorer, only IE browser Supports this Active X controls none of the rest browsers supports this type of feature.This Active X control give lot of control to a websites,using that feature they can download some software through IE and implement it into OS of Client's PC's This feature is boon to users if used in controlled way or else it will create lot of problems in clients machine |
|
Masque
on December 14, 2005 10:05 AM |
Internet security is an ongoing issue...M$ is fighting it as hard as anybody and is gaining ground. There's always somebody smarter that's just waiting to pounce on unprotected systems but the way to beat 'em is by constantly searching and updating against weaknesses. |
|
mrprimo55
on December 14, 2005 10:44 AM |
I think that it's just as important for Microsoft to make a way to spot phishing, because this is becoming just as bad as the ActiveX problems. I work in a computer repair shop and lately I've talked to many people who don't know a whole lot and think that their passwords have been "hacked" when it turns out they opened a link asking for their eBay username and password and they obliged. |
Most Popular
| Trending | Featured |
-
iOS 5.1.1 untethered jailbreak tool released, supports 4S, iPad 3
-
After five days, Facebook ranks as worst IPO flop of the decade
-
Rumor: Windows 8 RC will launch June 1, will ship with Adobe Flash
-
Rumor: AMD "Piledriver" FX CPU production to begin Q3 2012
-
Diablo III becomes the fastest-selling PC game in history
Editors' Case Picks
Subscribe to TechSpot
Get free exclusive content, learn about new features and tech breaking news.
