
Internet Explorer 7 Security Features

Internet Explorer 7 Security Features. Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com http://blogs.technet.com/steve_lamb. Agenda. Lessons learned from IE in Windows XP SP2 Overview of Internet Explorer 7 Detailed features and demo Timeline


Presentation Transcript


  1. Internet Explorer 7 Security Features. Steve Lamb, Technical Security Evangelist @ Microsoft Ltd, Stephen.lamb@microsoft.com, http://blogs.technet.com/steve_lamb

  2. Agenda
     • Lessons learned from IE in Windows XP SP2
     • Overview of Internet Explorer 7
     • Detailed features and demo
     • Timeline
     • More information

  3. First, let me ask…
     • How many of you are using IE7 now?
     • What build?
     • How can we help you?

  4. Post Windows XP SP2
     • Strengths
       • Big security investments were worthwhile
       • Right balance of application compatibility and security
     • Opportunities to improve
       • Social attacks (phishing) as important as code execution
       • Bad trust decisions don’t have an “undo” option
       • Make life better for Web developers
       • Everyone wants new features

  5. Internet Explorer 7
     • Major innovations in IE7 for Windows XP SP2
     • Enhanced functionality in IE7 in Windows Vista includes:
       • Protected Mode
       • Parental Controls integration
     • Key areas of focus:
       • Makes everyday tasks easier
       • Dynamic security protection
       • Improved platform and manageability

  6. IE7 – New Look

  7. Tabbed Browsing

  8. Quick Tabs

  9. Page Zoom (screenshots: After / Before)

  10. Shrink-To-Fit Printing: Web Pages Automatically Formatted To Print Properly

  11. Inline Search

  12. RSS Feed Reader

  13. Clearer information about trusted sites
      • Trust Badge rotates to show Certificate Authority
      • Enhanced Validation Certificates

  14. Dynamic Security Protection: Internet Explorer 7
      • Technology to protect against technology attacks
        • Limit programmatic access
        • Reduce attack surface
        • Warn if settings insecure
        • Simplified architecture
      • Technology to protect against social attacks
        • Anti-phishing service
        • Secure site visuals and info
        • Address bar anti-spoofing
        • “One-click cleanup”

  15. Security Features
      • Protecting the machine from technology attacks
        • Unified URL parsing
        • Cross-domain security enhancements
        • Code quality improvements to reduce buffer overruns
        • ActiveX Opt-in
        • Protected Mode (Microsoft Windows Vista only)
      • Protecting the user from social attacks
        • Download scanning with Windows Defender
        • Phishing Filter
        • High-assurance SSL and address bar
        • Dangerous settings notification
        • Secure defaults for International Domain Names
        • Parental controls (Windows Vista only)

  16. ActiveX Opt-in & Protected Mode: Defending systems from malicious attack
      • ActiveX Opt-in: puts users in control
        • Most controls disabled
        • Reduces attack surface
        • Retain ActiveX benefits, increase user security
      • Protected Mode*: reduces severity of threats
        • IE process ‘sandboxed’ to protect OS
        • Eliminates silent malware install
        • Designed for security and compatibility
      * Windows Vista only
      (Diagram labels: ActiveX Opt-in, User Action, Disabled Controls, Broker Process, Low Rights, User Action, Enabled Controls, Windows, IE Cache, My Computer (C:), Protected Mode)

  17. Internet Explorer Running with Full Privileges (diagram; process: IExplore.exe)
      • Install an ActiveX control: Exploit can install MALWARE
      • Change Settings, Download a Picture: Exploit can install MALWARE
      • Cache Web content
      • Admin Rights Access: HKLM, Program Files
      • User Rights Access: HKCU, My Documents, Startup Folder
      • Temp Internet Files: Untrusted files and settings

  18. Protected Mode Internet Explorer (diagram)
      • Protected Mode: Runs with Lowest Privilege
      • Compat Redirector
      • Install an ActiveX control
      • Change settings, Save a picture
      • Cache Web content
      • Redirected settings and files
      • Integrity Control
      • Broker Process
      • Admin Rights Access: HKLM, HKCR, Program Files
      • Broker Process
      • User Rights Access: HKCU, My Documents, Startup Folder
      • Temp Internet Files: Untrusted files and settings

  19. Security Status Bar: Makes users aware of online security and privacy
      • Enhanced Validation: Trusted party has provided extensive verification for the authenticity of certificate holder
      • Standard Security: Website provided a certificate matching the server and appears trustworthy
      • Incorrect Data: There are errors in the certificate provided and the website should not be trusted
      • Phishing Filter (Warn): The website contains characteristics found in phishing websites … proceed cautiously
      • Phishing Filter (Block): A warning is displayed and users are navigated away from the website

  20. Phishing Filter: Client-side heuristics, allow-list, and Web service
      • URL Reputation Service: https://urs.microsoft.com
      • Known Good URLs: IEAPFLTR.DAT

  21. Phishing Filter: Populating the URL reputation service
      (Diagram labels: Grader, Confirmed Sites, Third Party Phishing databases, End User Report, Site Owner Report)
      • URL Reputation Service: https://urs.microsoft.com

  22. Address Bar Everywhere

  23. Fix My Settings

  24. IDN Display

  25. Phishing Filter – Suspicious Site

  26. Phishing Filter - Blocked Site

  27. Fix My Settings

  28. Customer Call To Action
      • Read the technology overview
      • Upgrade to IE7 RTM
      • Test LOB applications and public websites
      • Provide feedback to Microsoft (mailto:ietell@microsoft.com)

  29. More IE7 Information
      • Download the IE7 RC1 at http://www.microsoft.com/ie
      • Technical docs on IE Developer Center: http://msdn.microsoft.com/ie
      • IT Administrator information on TechNet: http://www.microsoft.com/technet/prodtechnol/IE/ieak7
      • More technical information on TechNet: http://www.microsoft.com/technet/prodtechnol/IE
      • Follow the IE Team Blog at http://blogs.msdn.com/ie

  30. Resources 1
      • Internet Explorer Blog: http://blogs.msdn.com/ie/
      • Internet Explorer Feedback Alias: ietell@microsoft.com
      • Internet Explorer Developer Center: http://msdn.microsoft.com/ie/
      • Internet Explorer 7 Readiness Toolkit: http://go.microsoft.com/fwlink/?LinkId=64421
      • Internet Explorer 7 App Compat Toolkit: http://blogs.technet.com/all_things_appcompat/default.aspx
      • Internet Explorer 7 External Bug Database: https://connect.microsoft.com/site/sitehome.aspx?SiteID=136
      • Internet Explorer Administration Kit (IEAK) 7 Beta 2: http://www.microsoft.com/technet/prodtechnol/ie/ieak7/default.mspx

  31. Resources 2
      • Technical Chats and Webcasts: http://www.microsoft.com/communities/chats/default.mspx, http://www.microsoft.com/usa/webcasts/default.asp
      • Microsoft Learning and Certification: http://www.microsoft.com/learning/default.mspx
      • MSDN & TechNet: http://microsoft.com/msdn, http://microsoft.com/technet
      • Virtual Labs: http://www.microsoft.com/technet/traincert/virtuallab/rms.mspx
      • Newsgroups: http://communities2.microsoft.com/communities/newsgroups/en-us/default.aspx
      • Technical Community Sites: http://www.microsoft.com/communities/default.mspx
      • User Groups: http://www.microsoft.com/communities/usergroups/default.mspx

  32. Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com http://blogs.technet.com/steve_lamb © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
