10 things you should know about Internet Explorer 7 Security
Takeaway: Internet Explorer 7 is designed to make browsing safer. Here's a quick rundown of some of the new security features, including Active X opt-in, the Phishing Filter, cross-domain security, enhanced privacy protection, and an international character alert.
This article is available as a PDF download. It's also part of the collection "100 things you should know about Windows Vista."
Some sensationalistic reports of a security flaw immediately followed Internet Explorer 7's final release, but the vulnerability turned out to be in Outlook Express rather than IE. In fact, Microsoft has put a great deal of effort into making IE 7 more secure. Here are some of the new IE 7 security features and what they can do for you.
#1: Default protection from potentially dangerous Active X controls
Active X controls that haven't been checked out and verified as safe no longer run automatically by default; instead they're automatically disabled by the Active X opt-in feature.
#2: Per-zone control of Active X opt-in
You can disable Active X opt-in on a per-zone basis. It's enabled by default on the Internet and Restricted Sites zones for better security and disabled on the Intranet and Trusted Sites zones.
#3: Site and zone locking for Active X controls
Developers can now make their Active X controls more secure by restricting a control to run only on a particular site (site locking) or only in a specific security zone (zone locking).
#4: Protection against phishing
IE 7 introduces the Phishing Filter, which helps protect users from being fooled into entering personal information or passwords that can be collected and used for identity theft. The Phishing Filter automatically checks the Web sites you visit against a list of known phishing sites and issues a warning if the site has been identified as a phishing site. If you prefer not to have sites checked automatically, you can check specific sites when you suspect they might be phishing sites.
#5: Cross-domain security
A attack tactic called cross-domain scripting is prevented by new IE 7 security mechanisms that force scripts to run in the their original security context even if they're redirected to a different security domain.
#6: Locked down security zones
Security zones in IE 7 are locked down tighter than before, with higher default security settings, disabling of the Intranet zone on non-domain computers, and an interface that makes it harder to select low or medium low security.
#7: Better SSL/TLS notification and digital certificate info
Users of IE 7 can more easily determine whether a Web site is secured by SSL/TLS and get information on the digital certificates issued to the site. Sites with high assurance certificates cause the address bar to turn green.
#8: Privacy protection features
Three new registry keys, called Feature Control keys, prevent HTML from getting a user's personal information. In addition, you can easily clear out information you've entered in Web pages, as well as the browser cache (Temporary Internet Files), history, cookies and other personal info, with a single click.
#9: Address bars
All browser windows in IE7 contain address bars, so it's harder for a malicious site to conceal its identity by hiding the URL of the site.
#10: International character alert
IE 7 supports international characters, but to prevent spoofing that exploits the similarity of characters in different languages, the browser warns you that the characters are in another language when international character sets are used.
Print/View all Posts Comments on this article
 10 things you should know about Internet Explorer 7 SecurityJodyGilbert  | 10/30/06 |
 Time trials vs IE6?g-lgold@... | 11/02/06 |
| Microsoft always seems to write bloated code.gerryrains@... | 11/28/06 |
 it's Microsoft. IE7 vs IE6 is going to be slowerNeon Samurai | 12/20/06 |
| So what exactly is new in IE7?consultas@... | 11/02/06 |
| Masochism, anyone?Macrat | 12/15/07 |
 Without UAC on and Protected modeTony Hopkinson | 12/16/07 |
| is it secure enough?samthetrue@... | 11/06/06 |
| You're an idiot to use IE7NetFodder | 11/12/06 |
| Examples Pleaserickk@... | 11/28/06 |
| Re: You're an idiot.......august@... | 12/16/06 |
| Please, Netfodder, stop with the childish insultsrsherrell@... | 09/23/07 |
| a few things that are the sameerik@... | 10/31/06 |
| phishing/ssl chngeserik@... | 10/31/06 |
| SSL self signed certswmpierro@... | 11/02/06 |
| Agreeajaytikoo@... | 11/02/06 |
| Problems with IE 7.0GreenPirogue | 11/06/06 |
| Been using it for a whileJMIRTC | 11/07/06 |
| problem with IE 7khalidkp006@... | 12/22/06 |
TechRepublic Featured Jobs
| Job Title/Location | Posted |
|---|
- Powered by:
- .
White Papers
- Best Practices for Migrating to Exchange 2007 Quest Software
- Live Webcast: Optimizing Online Customer Interactions BNET
- Microsoft Startup Center - Where new businesses get started Microsoft
- Ipswitch WhatsUp Gold Premium Edition v12 Ipswitch
- A Step-by-Step Guide to Starting Up SaaS Operations OpSource
- Releasing Resources to Support Growth - The Long-Term Benefits of Finance Transformation Concur Technologies
Article Categories
- Security
- Security Solutions, IT Locksmith
- Networking and Communications
- E-mail Administration NetNote, Cisco Routers and Switches
- CIO and IT Management
- Project Management, CIO Issues, Strategies that Scale
- Desktops, Laptops & OS
- Windows 2000 Professional, Microsoft Word, Microsoft Excel, Microsoft Access, Windows XP,
- Data Management
- Oracle, SQL Server
- Servers
- Windows NT, Linux NetNote, Windows Server 2003
- Career Development
- Geek Trivia
- Software/Web Development
- Web Development Zone, Visual Basic, .NET
