Internet Explorer 8 Security: SmartScreen Filter Overview

Published on: July 7th, 2008 @ 3:48 PM PDT by William Johnson

In this Internet Explorer 8 series, we will examine the security improvements and enhancements coming to Internet Explorer 8.

In August, Microsoft will ship Internet Explorer 8 Beta 2, the second major milestone of its upcoming Web browser. The current Beta 1 release in March was focused on developer features. Microsoft has made plenty of progress since, however, and the upcoming Beta 2 release (scheduled to ship in August) will be all about the end user.

Microsoft is now talking about the new and improved security features that will debut in the upcoming Internet Explorer 8 Beta 2 release. These features constitute the majority of work Microsoft is doing around security in IE 8.

A look back at recent Internet Explorer security advances

As a major release of the browser, Internet Explorer 7 included a number of security enhancements, such as Protected Mode (Windows Vista only), ActiveX Opt-in, international domain spoofing protection and more. There were also related enhancements around the Manage Add-ons user interface.

In Internet Explorer 8 Beta 1, Microsoft added a few security enhancements as well. The most obvious was domain highlighting. Microsoft also implemented a few of the other security enhancements in Internet Explorer 7 Beta 1; I’ll describe those below. But they’re only now discussing these changes, and of course Internet Explorer 8 Beta 2 will complete the picture. Let’s take a look at where Microsoft is headed with Internet Explorer 8 security.

Security Improvements In Internet Explorer 8

In terms of security, Internet Explorer 7 is already an excellent product, especially on Windows Vista, where you can take advantage of Protected Mode. But with online threats evolving, Microsoft is taking steps to hinder new types of attacks in Internet Explorer 8. Here’s what the company is doing.

SmartScreen® Filter

In Internet Explorer 7, Microsoft introduced the Phishing Filter, a dynamic security feature designed to warn users when they attempt to visit a known phishing site. Now, with Internet Explorer 8, Microsoft has built upon the success of the Phishing Filter feature (which blocks over a million phishing attacks weekly) to develop the SmartScreen® Filter, a replacement that improves upon the Phishing Filter in a number of important ways:

  • Improved user interface
  • Faster performance
  • New heuristics & enhanced telemetry
  • Anti-Malware support
  • Improved Group Policy support

I’ll describe each of these in the sections that follow.

Improved User Interface

In Internet Explorer 8, Microsoft is introducing an improved and simplified opt-in experience for the SmartScreen Filter, integrating the option into the first-run experience. After first run, you can later change your preferences.

The new SmartScreen blocking page offers clear language and guidance to help you avoid known-unsafe websites (Figure 1).

The “Go to my homepage” link enables you to easily navigate away from the unsafe website and start browsing from a trusted location. If you instead choose to ignore the SmartScreen warning by clicking the “Disregard and continue” link, the address bar remains red as a persistent warning for as long as you are on the unsafe site.

If you uncover a new phishing site, you can submit it for analysis using the “Report Unsafe Website” option on the Tools menu. In the unlikely event of a false positive, you can provide feedback using the “Report that this is not an unsafe website” link on the blocking page or by clicking the “Unsafe Website” flyout in the address bar.

Improved Performance


As a part of Microsoft’s overall investment in improving performance across Internet Explorer, they’ve made several performance tweaks to the SmartScreen Filter to improve its speed and lower its impact on browser performance. Detection of unsafe sites happens in parallel with navigation, so you can confidently surf the web without being forced to make a tradeoff between speed and safety.

New heuristics & telemetry

As attackers have evolved their phishing sites in an attempt to avoid being recognized and blocked, the SmartScreen Filter has also evolved to catch more phishing sites than ever before. With new heuristics, Internet Explorer 8 will be able to evaluate more aspects of web pages to detect suspicious behavior. These new heuristics, combined with enhanced telemetry, allow the URL Reputation Service to identify and block phishing sites faster than before.

In rare cases, however, SmartScreen Filter will request feedback on sites of unknown reputation, as shown below:

[Image: FeedbackRequest]

User feedback about unknown sites is collected by the SmartScreen web service and quickly evaluated to block new phishing sites as they are discovered.

Anti-Malware Support

The SmartScreen Filter goes beyond anti-phishing to help block sites that are known to distribute malware, malicious software that attempts to attack your computer or steal your personal information. There are many types of malware, but most types impact your privacy and security. The SmartScreen anti-malware feature is URL-reputation-based. This means that it evaluates the servers hosting downloads to determine if those servers are known to distribute unsafe content. SmartScreen’s reputation-based analysis works with other signature-based anti-malware technologies, like the Malicious Software Removal Tool, Windows Defender, and Windows Live OneCare, to provide comprehensive protection.

If you are taken to a site known to distribute malware, the SmartScreen blocking page is displayed and indicates that the server is known to distribute unsafe software. On the other hand, if you click on a link to a download hosted by a known-malicious site, the Internet Explorer dialog will interrupt the download to warn you of the threat (see screenshot below).

[Image: UnsafeDownload]

SmartScreen’s anti-malware feature, complemented by the IE8 features that combat malicious repurposing or exploitation of browser add-ons, helps to protect you from a full range of malicious websites.

Group Policy Support

Group Policy can be used to enable or disable the SmartScreen Filter for Internet Explorer users across an entire Windows domain. A new Group Policy option is available that allows domain administrators to block users from overriding SmartScreen Filter warnings. When Group Policy restrictions are enabled, the option to override the SmartScreen warning screen is removed from the blocking pages and download dialog.
