Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

IE8 – information posted to the IE blog

July 2nd 2008 in Uncategorized

The Internet Explorer team have published 3 new articles about IE8 that are well worth a read.


First, the SmartScreen filter:
IE8 Security Part III- SmartScreen® Filter

The feature that I want to call out about the SmartScreen filter is the antimalware support – SmartScreen not only blocks access to known phishing and malware sites, it will block downloads from known malicious sites, meaning that victims are protected even if they don’t visit a known malware site directly.  For example, if a victim is tricked into clicking on a link in an email or Instant Message window that will download malware, then as long as IE is your default browser, SmartScreen will block the download.  I can think of a whole slew of fake security software aka fraudware aka betrayware that I believe should be blocked via the SmartScreen filter.

Of course, such blocking can be overridden if need be (for example, because of false positives).  For those of you that are responsible for network management and security, you will be pleased to know that Group Policy can be used to stop users from overriding the SmartScreen Filter.

The SmartScreen user interface has also been improved.


Second, cross site scripting (XSS) vulnerabilities – XSS filtering
IE8 Security Part IV- The XSS Filter

When the filter discovers likely XSS in a cross-site request, it identifies and neuters the attack if it is replayed in the server’s response. Users are not presented with questions they are unable to answer – IE simply blocks the malicious script from executing.


Third, security improvements:
IE8 Security Part V- Comprehensive Protection

As we were planning Internet Explorer 8, our security teams looked closely at the common attacks in the wild and the trends that suggest where attackers will be focusing their attention next. While we were building new Security features, we also worked hard to ensure that powerful new features (like Activities and Web Slices) minimize attack surface and don’t provide attackers with new targets. Out of our planning work, we classified threats into three major categories: Web Application Vulnerabilities, Browser & Add-on Vulnerabilities, and Social Engineering Threats. For each class of threat, we developed a set of layered mitigations to provide defense-in-depth protection against exploits.

Comments are closed.

Neowin says:
“Spybot – Search & Destroy detects and removes spyware, a relatively new kind of threat not yet covered by common anti-virus applications. Spyware silently tracks your surfing behavior to create a marketing profile for you that is transmitted without your knowledge to the compilers and sold to advertising companies. If you see new toolbars […]

Previous Entry

Do you ever get the feeling that people are not listening? I blogged about malicious advertisements featuring XM Radio on Sunday here:Report- Malvertizements that have been circulating Now Kimberley has discovered that those same XM Radio malvertizements are appearing on the ifrance.com web site – info here:http://www.bluetack.co.uk/forums/index.php?showtopic=18064&pid=87888&mode=threaded&show=&st=90&#entry87888 I admit to feeling a lot of frustration […]

Next Entry