Microsoft Unveils New Internet Explorer Security Features

July 2, 2008 – 9:55 AM

Internet Explorer’s getting a little bit safer. Microsoft Wednesday unveiled significant new security features that will be in the next version of the company’s Web browser, Internet Explorer 8, currently in public beta testing.

From Microsoft’s standpoint, any improvement in security is a plus, and the company seems to be taking that to heart with Internet Explorer 8, which includes a slew of new or upgraded security features. In the past, Microsoft has been heavily criticized for its browser security, while its chief competitor, Mozilla Firefox, has been largely lauded.

One of the most important new features in IE8 is a set of cross-site scripting defenses to protect the browser against the most common type of these attacks, known as “reflection” attacks, wherein transmitted data is sent back to the attacker. During these attacks, hackers could be stealing cookies and browser history, logging keystrokes, stealing credentials, or just evading phishing filters.

Internet Explorer 8 will also have what Microsoft’s calling the SmartScreen Filter, which has been previously announced, but is more than Microsoft originally let on. It’s an upgraded version of the phishing filter found in Internet Explorer 7 with a twist. It now includes malware protection, a feature also found in the latest versions of Mozilla Firefox and Opera.

When users visit a site that’s been reported by any one of a number of third party data providers as a phishing or malware-laden site, they’ll be greeted with a big red background and a warning. That’s an upgrade over the anti-phishing user interface in Internet Explorer 7, which Microsoft tests found looked too much like a potentially less harmful page that just has security certificate errors.


You must be logged in to post a comment.