The security and privacy technologies offered in Internet Explorer 8 includes:
Internet Explorer 8 includes the SmartScreen Filter, a technology developed by Microsoft to increase the level of protection of users from known Web and social engineering exploits. It is a refinement of the Phishing Filter in Internet Explorer 7.
The SmartScreen Filter helps to block known phishing and malware sites. In addition, the SmartScreen Filter includes protection from ClickJacking, a technique attackers can use to capture keystrokes, steal user credentials, deface Web pages, or launch other types of malicious attacks. The SmartScreen Filter also includes the new Cross-Site Scripting Filter (XSS), which helps to prevent against type-1 cross-site scripting attacks.
Phishing is a technique that many attackers use to trick computer users into revealing personal or financial information through a Web site or email message. The idea is to masquerade the site as a legitimate site and deceive people into revealing personal information, login name, account password and credit card numbers.
The SmartScreen Filter in Internet Explorer 8 advises users about suspicious or known phishing Web sites from Micrsoft database of such sites. The filter also analyzes Web site content for known phishing techniques, and uses a global network of data sources to determine the trustworthiness of Web sites. It combines client-side Web page scans for suspicious Web site characteristics with an opt-in online service.
The filter is designed to help protect users from phishing scams and malware sites in three ways:
Comparing the addresses a user attempts to visit with a list of known high-traffic sites stored on the userís computer. If the site is found in the list, no further checks are performed.
Analyzing Web sites that users want to visit by checking them for characteristics that are common to phishing sites.
Sending the Web site address that a user attempts to visit to an online service that Microsoft maintains, which then checks the address against a dymanic list of phishing and malware sites. These sites have been confirmed by reputable sources as fraudulent or malicious and reported to Microsoft. This is done via asynchronous SSL connection, allowing pages to load and not impact user experience. If the service cannot be contacted, the page renders normally, and a message balloon appears in the status bar indicating that the service cannot be contacted.
You can use Internet Explorer to analyze a Web site to determine whether or not it is likely to be a phishing site at any time by clicking the Safety button, pointing to SmartScreen Filter, and then clicking Check This Website. To help ensure user privacy, the SmartScreen Filter prompts the user to choose whether to enable or disable the feature ó it is not set either way by default. You can remove this choice by disabling the first run experience or using the IEAK to build a custom package for your organization. To properly use the SmartScreen Filter protections, we recommend organizations to configure systems to both automatically enable SmartScreen and prevent users from disabling the SmartScreen Filter. In addition, we recommend removing the Click to Continue option that appears on SmartScreen warning screens, which is triggered when the SmartScreen Filter identifies a phishing and malware related Web site. For more information about locking down Internet Explorer to prevent users from disabling the SmartScreen Filter, and stopping users from ignoring the warning screens, see Chapter 3, "Privacy Setting Recommendations."
ClickJacking occurs when an attackerís Web page entices the user to click on content delivered from another domain without the user realizing it. ClickJacking renders most anti-CSRF (cross-site request forgery) mitigations defenseless, and attackers can use it to reconfigure certain browser add-ons in unsafe ways. The SmartScreen Filter now includes a new security feature designed to help detect and prevent ClickJacking. This feature is part of the Internet Explorer 8 codebase, so it is always enabled and cannot be disabled. Attackers show a set of dummy buttons, and then load another page over it in a transparent layer. Users think they are clicking the visible buttons, while they are actually performing actions on the hidden page. The hidden page may be an authentic page, and therefore the attackers can trick users into performing actions that they never intended to do. There also is no way to trace such actions later, because users genuinely authenticated themselves on the other page.
For sites to take advantage of the added protection from ClickJacking exploits, they need to add an X-FRAME-OPTIONS tag in either the HTTP header or the HTTP EQUIV meta tag.
For more information about ClickJacking, see the IE8 Security Part VII: ClickJacking Defenses blog.
Note Clickjacking protection is enabled by default. ClickJacking support is part of the browser's defense in depth design and cannot be disabled.
Cross-Site Scripting (XSS) Filter in the SmartScreen Filter helps protect users from certain types of server-side application vulnerability attacks. These attacks are known as Type 1, or reflected attacks, and they are the most common types of cross-site scripting attacks.
They occur when a malitionus code is injected in user submitted data in some form and this code is passed to a Web server and then reflected back to the user as a part of the page generated for the user. At this point it will be executed in the user Web browser environment. If the form data input is not validated, that the user-supplied data is included in the resulting page, allowing to execute this code in the page sent to the user.
The XSS Filter helps protect users from this type of attack by analyzing the user data input returned to them. By analyzing the data stream, Internet Explorer 8 can identify certain actions that do not appear to have a valid usage scenario and then stop the offending script from running to help protect the user.
Note: XSS protection is enabled by default. However, users can disable the XSS Filter. Users also can enable the SmartScreen Filter for protection from phishing and malware as outlined above.
IE 8 automatically highlights in green if it considers that the site the user viewed is a legitimate owner of the domain in question. This helps users to identify cases when they are redirected to phising site that looks like legitimate site with the attempt to deceive them into loggin in this site and srealing thier credentials.
IE8 provides better visual cues about the identity of Web sites and the encryption that they use then other browsers.
Domain highlighting is always enabled (it cannot be disabled), and is visible with all other address bar warnings and notifications
Internet Explorer Protected Mode is available if IE 8 is running on Windows 7 or Windows Vista. The Protected Mode feature adds additional defenses by limiting application access to only certain areas of the file system and registry. In addition, Protected Mode helps to prevent malicious code from taking over a userís browser and executing code through elevated privileges. Protected Mode helps reduce previous software vulnerabilities in extensions for the browser by eliminating the possibility of using them for the silent installation of malicious code. The feature uses mechanisms with higher integrity levels than in Windows 7 and Windows Vista that restrict access to processes, files, and registry keys to accomplish this goal. The Protected Mode application programming interface (API) enables software vendors to develop extensions and add-ons for Internet Explorer that can interact with the file system and registry while the browser is in Protected Mode. When in Protected Mode, Internet Explorer 8 runs with reduced permissions to help prevent user or system files or settings from changing without the userís explicit permission.
Protected Mode also is now more user-friendly than it was in Internet Explorer 7 when combined with the new Loosely Coupled Internet Explorer (LCIE) design. In general, LCIE separates the frame and window processes used in Internet Explorer, allowing Protected Mode tabbed windows to appear side by side with content on other pages not subject to Protected Mode. This enhancement eliminates the need for the "broker" process used by Internet Explorer 7, and instead passes all functions that require elevation to the frame process.
Protected Mode is enabled by default for all users, except when a user is logged on to the built-in Administrator account. Other accounts with administrator permissions run in Protected Mode by default. You can disable Protected Mode by using either the launch option or in a registry/GPO configuration. Starting Internet Explorer 8 on computers running Windows 7 or Windows Vista without Protected Mode requires the user to right-click the Internet Explorer icon, click Run as Administrator, type valid higher permission authentication credentials, and then press ENTER. Protected Mode is enabled by default in Internet Explorer 8 for the Internet and Restricted sites security zones.
However, users can disable the mode, which reduces overall security. ActiveX Opt-in Internet Explorer 7 introduced the ActiveX Opt-in mechanism to automatically disable all controls that are not explicitly allowed by the user, helping to mitigate the potential misuse of preinstalled controls. Internet Explorer 8 extends the security protection of that feature by increasing the ability to fine tune the ActiveX Opt-in settings to a Per-User and Per-Domain level. This added control helps to further ensure users and their systems are protected against malicious attack. The Information bar in Internet Explorer prompts users before they can access a previously installed ActiveX control that has not yet been used on the Internet. This notification mechanism enables the user to permit or deny access on a control-by-control, site-by-site basis, which helps further reduces the available surface area for attacks.
Malicious users cannot use Web sites to launch automated attacks with ActiveX controls that were never intended to be used on the Internet. The added Per-User setting control helps extend that protection by limiting any approved control to only the specific user, helping to minimize the impact on other users. Per-Domain settings help ensure controls are limited to the specific Web site or sites that users intend to access, and leave other domains unable to use the same control without explicit action from the user.
InPrivate Browsing lets you control whether or not Internet Explorer 8 saves your browsing history, cookies, and other data. If you are using a shared PC, a borrowed laptop from a friend, or a public PC, sometimes you do not want other people to know where you have been on the Web.
The InPrivate Browsing feature in Internet Explorer 8 makes ensure browser privacy easy by not storing history, cookies, temporary Internet files, or other data. While InPrivate Browsing is active, the following takes place:
ē Queries entered into the search box are not stored. In addition, toolbars and BHOs are disabled by default. Users can enable this functionality on the Privacy Options tab of the Internet Options dialog box that you can access from the Tools menu in the browser.
The InPrivate Filtering feature provides users with added control over third-party sites with which they want to share personal browsing activity. Web sites increasingly access content from multiple sources, providing tremendous value to consumers and Web sites. However, users are often not aware that some content, images, ads, and analytics are provided from third-party Web sites or that these sites have the ability to potentially track (by data aggregation correlation) individual user behavior across multiple Web sites.
InPrivate Filtering provides users an added level of control and choice about the information that third-party Web sites can potentially use to track browsing activity.
Note: For an in-depth overview of this feature and user settings, see the Internet Explorer 8 Privacy and User Control Feature Guide.
Created: May 16, 1997; Last modified: March 12, 2019