Microsoft touted
security as one of IE7's major concerns, and several of the Web
browser's newly enhanced features demonstrate exactly that. Read
about these new Web browser security features like the ActiveX opt-in and
anti-phishing technology as well as when you might not
want to use Internet Explorer 7.
Internet Explorer 7
Internet Explorer 7 (IE7) is Microsoft's latest version of its
popular Web browser. Touted as the most secure version of the Web
browser to date, it still goes without saying that IE7 is not
hacker proof. Internet Explorer 7's features are designed to
prevent malware infections on your Windows system. With
cross-site scripting protection and all ActiveX controls shut
off by default, Internet Explorer 7 users are protected from
attacks from other malicious Web sites. Also, IE7's rewritten URL
parser reduces the possibility of
buffer overflow attacks.
Internet Explorer 7's position as the newest version of
the most oft-hacked Web browser makes it an appealing target for
hackers who wish to install various types of malware on your
system. Check out the tips below to get a handle on the
type of security IE7 provides and how to
keep your Windows shops as secure as possible.
Internet Explorer 7: How it can make your life easier
Internet Explorer 7 features a litany of new security features.
Being aware of the ins and outs of
IE7's new security features can make any
security administrator's life easier.
Rewritten URL parser reduces buffer overflow exploits
Many of the security patches for previous versions of Internet
Explorer have been designed to fix unchecked buffers. These
Internet Explorer patches are so important because hackers can
construct malicious Web sites in such a way that they can trick a
user into clicking on a link that is associated with an extremely
long or malformed URL. When Internet Explorer attempts to parse
the URL, the URL's malformed nature or excessive length causes a
buffer overflow. If the malicious Web site has managed to place
executable code into just the right place within the buffer prior
to triggering the buffer overflow, the buffer overflow can cause
the code to execute.
In Internet Explorer 7, Microsoft has completely rewritten the
URL parser. As a result, buffer overflow exploits within Internet
Explorer should become a thing of the past.
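The unchecked-buffer pattern described above, next to a bounds-checked
version, as an added example (this is not Internet Explorer's code and
not from the original article). The function names and the simplified
host extraction are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Unchecked pattern, shown for contrast only: copies the host part of a
 * URL into dst with no regard for how large dst is. */
void host_copy_unchecked(char *dst, const char *url)
{
    const char *p = strstr(url, "://");
    p = p ? p + 3 : url;
    while (*p && *p != '/')
        *dst++ = *p++;          /* runs past dst when the host is too long */
    *dst = '\0';
}

/* Checked version: returns 0 on success, -1 when the URL is malformed or
 * the host does not fit in dst (dst_size counts the terminating NUL). */
int host_copy_checked(char *dst, size_t dst_size, const char *url)
{
    if (!dst || !url || dst_size == 0)
        return -1;
    dst[0] = '\0';
    const char *p = strstr(url, "://");
    if (!p || p == url)
        return -1;                      /* no scheme */
    p += 3;
    size_t len = strcspn(p, "/?#");     /* host ends at path, query or fragment */
    if (len == 0 || len >= dst_size)
        return -1;                      /* empty or oversized: reject, never truncate */
    memcpy(dst, p, len);
    dst[len] = '\0';
    return 0;
}

int main(void)
{
    char host[64];
    char long_url[600];                 /* constructed sample input */

    memset(long_url, 'A', sizeof long_url - 1);
    memcpy(long_url, "http://", 7);
    long_url[sizeof long_url - 1] = '\0';

    printf("normal URL: %d\n",
           host_copy_checked(host, sizeof host, "http://example.com/index.html"));
    printf("oversized : %d\n",
           host_copy_checked(host, sizeof host, long_url));
    return 0;
}
```

The checked version rejects an oversized host outright instead of
truncating it, so a later comparison never sees a partial hostname.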
ActiveX opt-in
One of the biggest security problems in previous versions of
Internet Explorer was malicious Web sites using
ActiveX controls to steal information or to
wreak havoc on the victim's system. There is a whole
group of ActiveX controls that come with Internet Explorer and
that are enabled by default in previous versions of the browser.
These ActiveX controls were not intended to be malicious, but
some hackers have figured out how to use the controls for
malicious purposes.
In Internet Explorer 7, all built-in ActiveX controls are
disabled by default. When a user accesses a Web page that requires
one of these controls, the user can decide for herself whether or
not to allow the ActiveX control to run. This helps prevent
malicious Web sites from performing automated ActiveX-based attacks
against Internet Explorer.
Anti-phishing technology
Another addition in IE7 is
anti-phishing technology. IE7 validates Web sites
against a Microsoft-maintained database of known phishing sites
and notifies users when a Web site is suspected of being a
phishing site. Users can disable the phishing filter if they
choose.
Internet Explorer 7 also comes with other user-friendly
Web browser enhancements, like RSS support,
tabbed browsing and cross domain scripting protection.
Internet Explorer 7's security issues
As with all new software technologies, true security, no matter
how highly regarded, is an impossible dream. The same can be said
of this new Web browser, as some
IE7 flaws have been revealed in recent
months. Internet Explorer 7 (IE7) is light years ahead of its
predecessors, but by no means does that proclamation mean that
the browser is perfect. You are still going to encounter issues
with IE from time to time. Our concise guide delivers some
troubleshooting steps that will clear up the majority of
IE security issues that may come up.
Problems with the Web browser
Given the stack of protocols and applications that have to come
together in order to make Internet browsing and access function
properly, it can be difficult to nail down exactly what your
problem is. If you're experiencing problems browsing the Web, try
the following steps:
- Use an alternate browser. If you can connect to standard
Web sites, then something within Internet Explorer is most likely
the source of your problems.
- Check for problems on particular ports. See if you can
connect to a secure Web site. If you can use an SSL-enabled site,
chances are port 443 works. Try a standard Web site again; if it
doesn't work, port 80 is a problem. This information can be useful
in tracking down a port-sharing conflict.
- Try a different Internet connection. If you have a
laptop, go to a wireless hotspot and try to connect. If you have
access to a dial-up connection, try that temporarily. This can
rule out local network connections as the cause of the
problem.
Diagnose IE7 conflicts with third-party software
By far, the most common problems with Internet Explorer you'll
find -- lockups, inability to load pages, irritating delays in
responding to clicks and other user feedback -- are a result of a
clash between plug-ins and other third-party applications you've
added to a default Internet Explorer installation. Of course,
troubleshooting IE in this way becomes more
of a challenge when you have more than one add-in installed. One
particular program could cause an issue and so could the way one
program interacts with another. The permutations can mount up
quickly.
To diagnose whether add-ins are part of your problem, Internet
Explorer 7 comes with a No Add-ons mode. You access it by going to
Start, All Programs, Accessories, and System Tools. Select
"Internet Explorer (No Add-ons)" and see if the problems you've
been encountering are still present, without all of the add-ins
running. If indeed the problem is resolved without add-ins
involved, then it's time to figure out which one is causing
problems. Start IE7 the normal way, and then from the Tools menu,
select Internet Options and then the Programs tab, and then click
the Manage Add-ons button. Select an add-on from the list, and then
click Disable. Lather, rinse, repeat as necessary.
For more tips and expert advice on Internet Explorer, including
news about recent patches and updates, visit our
hardening Internet Explorer tips page.