Microsoft trumpets security additions in upcoming IE8

[x_6985381]

Slates anti-malware, cross-site scripting defenses in August's IE8 Beta 2

Microsoft Corp. today outlined new security features that it plans to add to Internet Explorer (IE) next month, including anti-malware protection to match tools similar to those offered by its rivals and a filter the company said would block most cross-site scripting attacks.

Internet Explorer 8 Beta 2, which Microsoft has slated for release sometime in August, will include two new security tools, said Austin Wilson, the director of Windows client product management.

One, dubbed "SmartScreen Filter" by Microsoft, adds malware blocking to the antiphishing protection already embedded in IE7. The new feature, which will resemble the defenses already used by rival browsers Firefox 3.0 and Opera 9.5, will warn users when they're about to visit a site known or suspected of spreading malicious code and then block any download from that site.

Unlike Mozilla Corp.'s Firefox, which retrieves a blacklist several times daily, then stores it locally to compare against Web site addresses, IE8 will dynamically determine whether a site is potentially dangerous by pinging remote servers each time a user tries to reach a page.

Microsoft will use multiple third-party sources to compose the blacklists for both phishing and malware-hosting sites, said Wilson. It will also draw on data gathered by Windows Defender, the company's free antispyware tool. Wilson would not disclose the third-party information providers, however.

"We get the data feeds and update our lists multiple times a day," he said. "And IE8 makes the call to the URL reputation service servers, and if it's a phishing or malware site, the browser navigates away from the page and displays a warning."

He denied that the process would have a noticeable effect on IE8's performance. "Our choice was to make sure that the user has the most recent data possible," he said. "We do an asynchronous call, so the page rendering takes place while the call is made to the reputation servers."

Also to debut next month in IE8 Beta 2 is an integrated filter that Microsoft said would prevent most cross-site scripting attacks. "Today, the end user can be doing all the right things, checking the URL to make sure it's legitimate, only going to trusted sites, but because of vulnerabilities on the Web server side, they can still be compromised," said Wilson, referring to cross-site scripting attacks, which are most commonly used by identity thieves and have been on the upswing.

Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9106238&intsrc=hm_list

[tommie gorman]

I just hope it is good software and not bloat ware. 

[ghostmaster]

Beta 1 was terrible.  I hated it.  It was slower than IE7, and couldn't display pages correctly at all.  Then again, it was a beta....

[dlewis23]

Beta 1 was terrible.  I hated it.  It was slower than IE7, and couldn't display pages correctly at all.  Then again, it was a beta....

Thats because everyone has had to do so many fixes for IE 6 & 7. IE 8 doesn't understand how to display it correctly when there are all these cheap work around that everyone has had to do.

IE8 will display pages  correctly when it comes to final release.

[tommie gorman]

Fixes for IE6    Unless it was in the updates, I do not recall any in all the years I have used it. Well 6 years anyway.

[ghostmaster]

He means making changes to web pages for IE6 and 7, not making changes to IE6/7. 

[Roco]

I just hope it is good software and not bloat ware. 

has anyone looked back  to win 95-98  etc  so do we need all these  mega Gb hard drives just to keep ahead of the threats, , ? is the latest O/s better  for those that just need  e-mail etc,

[ninjageek]

It won't take long for hackers to find security holes in IE8. Same way with firefox 3. IMHO firefox has bragged way to much. Bragging its more secure, and has millions of downloads and this and that. Yea just put a sign on firefox, Please find security flaws and exploit it. That is the one thing that keeps me away from using firefox as my primary browser. Its the cool hip thing to do. I just giggle every time someone spouts, I use firefox its more secure.

No the most secure computer is created by common sense, knowledge, current spyware and antivirus programs. A computer that does not download torrents and P2P stuff and stays away from warez sites. Myself, I only use xp firewall, Only use the opera browser, Scan my computer on a monthly basis and do so in safe mode. No problems on my end. Way to many average users use firefox and believe there computer is bullet proof.

[tommie gorman]

has anyone looked back  to win 95-98  etc  so do we need all these  mega Gb hard drives just to keep ahead of the threats, , ? is the latest O/s better  for those that just need  e-mail etc,

I fully agree, for email and little things one ony needs a small HD, IE6, and small processor. Nothing more. Except at least a step above "DIAL UP".