Microsoft To Beef Up Internet Explorer 7 Security
2005-12-08 10:35:00
Microsoft is changing Internet Explorer 7's security zones in a bid to create a more attack-resistant browser, according to public blog entry written by three developers at the software giant.
Like its predecessors, IE 7 enforces security policies by clumping sites into four security categories, or zones, dubbed Internet, Intranet, Trusted Sites, and Restricted Sites. Typically, the Intranet zone comes with fewer restrictions than the Internet zone.
In the past, however, attackers have sometimes managed to fool IE into treating an outside site as in one of the less-secure zones; that's called a "zone-spoofing attack."
To prevent some of these attacks, IE 7 will instead treat all sites as being in the more-secure Internet zone, unless the PC is really part of a managed network (such as is often the case in a corporate environment).
"This change effectively removes the attack surface of the intranet zone for home PC users," wrote Vishu Gupta, Rob Franco and Venkat Kudulur, on the trio's "IEblog".
The Internet and Trusted Sites zones will also be tightened up in IE 7, said Gupta. In Windows Vista, the Internet zone will run in "protected mode," which prevents invisible installs of malicious code, while both versions of the browser -- for Vista and Windows XP -- will feature a new ActiveX Opt-In setting that reduces the likelihood of hackers using ActiveX controls.
IE 7 will also change the default of the Trusted Sites zone to "Medium," the same level of security as the Internet Zone in IE 6, added Gupta. (IE 6's default for the zone is "Low.")
Internet Explorer 7 is currently in limited beta testing, but a public beta that will include the new security features is scheduled to release in the first quarter of 2006.
|
|
RIAA Sues Music Swappers At Three Universities
The Recording Industry Association of America has filed lawsuits against 751 people suspected of illegally distributing copyrighted music, including students at Drexel University, Harvard University and the University of Southern California.
Google Reportedly Offering To Take A $1 Billion Stake In AOL
Google Inc. has entered exclusive negotiations with America Online Inc., offering $1 billion for a 5 percent stake in the Internet portal, the Wall Street Journal reported Friday.
Host Color gives security advice to webmaster
The Delaware based Web hosting company Host Color LLC has released in its forums a number of articles on the basics of webmaster security. The company wants to raise awareness among novice webmasters of the main measures they have to take to make their sites secure. The company has been alarmed by the growth in SPAM and other hacker attacks it has observed.
THQ signs deal for dynamic ads in games
THQ will be the first major video-game publisher to have dynamic ads in its video games.
.
blinkx With Free Video Content for Your iPod
blinkx, the smartest thing on your computer and on the Web, today launched blinkx.tv To Go, a service that enables users to search for specific video content online and sync it with one click to their iTunes or personal video player software, regardless of its original format.
Patch causes glitches with beta version of IE browser
Microsoft is receiving scattered reports that one of the security patches issued last week for Internet Explorer (IE) is causing problems for users testing a new beta version of the browser alongside the existing version, according to a company blogger.
Microsoft Drops Support for Mac IE
Microsoft Corp. Monday told Mac users of its Internet Explorer that they should switch to a rival browser such as Apple's Safari before IE support ends.
Web Hosting Company Host Color Increases Storage and Bandwidth Limits
Web hosting provider Host Color has announced its new updated offers for three of its service plans. The web host will also be releasing next week the new milestone version of its Next Color linux web hosting Control panel.
IBM buys Bowstreet in business software expansion
IBM, the world's biggest computer company, said on Tuesday it bought privately-held Bowstreet Inc. to make it easier for business customers to gather and view business information from different sources.
Vendor calls creation a wireless iPod for the written word
A Royal Philips Electronics spin-off company has developed a wirelessly-connected “electronic reader” tablet based on a high-contrast "electronic paper" display technology from E Ink Corp.
|
