No single application epitomises Microsoft’s past security failures more than Internet Explorer (IE). With IE 7, Microsoft is attempting to improve IE’s image. IE 7 is available for Windows XP as well as Windows Vista, but certain IE 7 security features are available only with Windows Vista. New security technologies in IE 7 include:
• Internet Explorer Protected Mode: Available only in Windows Vista, this feature helps reduce the exposure created by vulnerabilities in browser extensions by eliminating the possibility of using them to install malicious software without the user’s knowledge or consent. Protected Mode relies on the integrity-level mechanism of Windows Vista, which restricts the browser’s access to processes, files and registry keys at higher integrity levels. In Protected Mode, system files and settings cannot be changed without the user’s explicit permission.
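The integrity-level mechanism above can be inspected from an ordinary Windows shell. The following PowerShell is an added example, not code from the article or from Microsoft; it assumes Windows Vista or later with icacls.exe and whoami.exe on the PATH, and it uses the fact that Protected Mode runs the browser at Low integrity, so the browser may only write to objects labelled Low. It reads the mandatory label of a constructed temporary folder, labels that folder Low, and reports the integrity level of the current shell for comparison.

```powershell
# Added example (not from the article): inspect and set the mandatory integrity label
# that Internet Explorer Protected Mode relies on. Assumes Windows Vista or later with
# icacls.exe and whoami.exe available; the demo folder below is constructed for illustration.

function Get-IntegrityLabel {
    param([Parameter(Mandatory)][string]$Path)
    # icacls prints "Mandatory Label\<Level> Mandatory Level:(...)" only when an explicit
    # label has been set; unlabelled objects are treated as Medium by the system.
    $hit = icacls $Path 2>$null |
        Select-String 'Mandatory Label\\(\w+) Mandatory Level' |
        Select-Object -First 1
    if ($hit) { $hit.Matches[0].Groups[1].Value } else { 'Medium (implicit default)' }
}

function Get-ProcessIntegrityLevel {
    # whoami /groups lists the label SID of the calling process (e.g. "Medium Mandatory Level").
    $hit = whoami /groups |
        Select-String 'Mandatory Label\\(\w+) Mandatory Level' |
        Select-Object -First 1
    if ($hit) { $hit.Matches[0].Groups[1].Value } else { 'Unknown' }
}

# Constructed demo folder under %TEMP%.
$demo = Join-Path $env:TEMP 'ie7-integrity-demo'
New-Item -ItemType Directory -Path $demo -Force | Out-Null

Write-Host "Before labelling : $(Get-IntegrityLabel $demo)"

# Label the folder Low, inherited by sub-folders (CI) and files (OI). A Low-integrity
# process such as Protected Mode IE can now write here, while the rest of the file
# system (Medium or higher) stays read-only to it because of the NW (no-write-up) policy.
icacls $demo /setintegritylevel '(OI)(CI)L' | Out-Null

Write-Host "After labelling  : $(Get-IntegrityLabel $demo)"
Write-Host "This shell runs at: $(Get-ProcessIntegrityLevel)"
```

Run it from a non-elevated prompt to see the shell at Medium and the demo folder move from the implicit default to Low.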
• ActiveX Opt-in: ActiveX controls have been a major weakness in IE. Some enterprises ban them outright or allow only specific controls (such as Microsoft Update). Although many security experts advocate disabling ActiveX on Windows systems, the functionality of many websites (including online banking sites) depends on ActiveX controls being available in the browser. With IE 7, Microsoft introduces the concept of “ActiveX opt-in,” a feature that automatically disables every control the user has not explicitly allowed. In Windows Vista, the Information Bar prompts the user before a previously installed ActiveX control that has not yet been used on the Internet can be accessed. By giving the user the chance to permit or deny each ActiveX control before it is used, ActiveX opt-in further reduces the probability of a successful attack. Websites whose functionality depends on ActiveX controls may, in time, cease to be viable because of ActiveX opt-in.
• Cross-site scripting attack protection: Cross-site (also known as cross-domain) scripting has plagued virtually all browsers, IE very much included. In a cross-site scripting attack, a user might visit a page on a malicious website that opens a new browser window containing a legitimate page (e.g., one at a bank website) that prompts the user to enter account information. A malicious script could then extract this information and make it available to the attacker. In IE 7, new cross-site script barriers help limit the ability of malicious websites to exploit vulnerabilities in other websites.
• Phishing Filter: Phishing is a technique that many attackers use to trick computer users into revealing personal or financial information through specially worded email messages or websites. “Phishers” masquerade as legitimate persons or businesses to deceive people into revealing personal information (e.g., passwords, credit card numbers and social security numbers). The Phishing Filter in IE 7 helps protect users from falling for phishing scams by:
  • Comparing the addresses of websites that a user attempts to visit with a list of reported legitimate sites stored on the user’s computer.
  • Analyzing websites that users visit by checking them for characteristics common to phishing sites.
  • Sending the address of a website that a user visits to a Microsoft online service that checks the site against a constantly updated list of known phishing sites.
Even if the site is unknown to the Phishing Filter service, IE 7 examines the behaviour of the site and informs the user if the site is doing anything suspicious. By doing this, the Phishing Filter helps to prevent a site from collecting user information before it has been officially reported.
Source: sciencedirect.com