Internet Explorer 8 Beefed Up Against Hackers And Phishers
Redmond (WA) - Microsoft is beefing up its upcoming Internet Explorer 8 browser with several security improvements against hackers and phishers. Eric Lawrence, Microsoft’s program manager of Internet Explorer security, says IE 8 Beta 1 will have more defenses against cross-site scripting, malware protection and URL highlighting. File upload paths will also be changed to read only. This will prevent hackers from reading direct paths to important files.
Perhaps the most important addition will be the cross-site scripting or XSS Filter that will provide defense against exploits that can steal cookies, credentials and even keystrokes. Despite this protection, Lawrence warns that web developers shouldn’t get too complacent about letting IE take care of security. He adds, "because this feature is only available in IE8, it’s important that web developers provide additional defense-in-depth and work to eliminate XSS vulnerabilities in their sites. Preventing XSS on the server-side is much easier that catching it at the browser"
IE 8 will also include beefed up malware protection thanks to third-party reporting sites. When you visit a site, the URL will be checked against a database of websites known to contain malware. Suspicious sites will come up with a red background and a very large and noticeable warning box. This is designed to replace the rather innocuous warning box we currently see in IE 7 - the one that most people just ignore. URL highlighting will further protect users by highlighting good web addresses in black, while suspicious ones will be in gray.
You’ve probably had to upload files from your browser at some point in your life and usually a nice dialog box or window pops up asking for the path to the file. Lawrence says skillful hackers could trick users into sending the complete file path to valuable documents and files. In order to counteract this threat, IE 8 now has file upload control. When uploading a file, you can type/select the file name, but the directory path will now be read-only. Lawrence adds that IE 8 will now only submit the filename and not the full file-path.
You can download IE 8 Beta version one on Microsoft’s website here. The download weighs in at approximately 14.5 megabytes. Lawrence promises version two should be available sometime in August.
- Study Claims Windows Usage Market Share Could Soon Fall Below 90%
- Nvidia's Stock Bloodbath - Company Admits Faulty Chips
- AMD Improves CPU Market Share - With Little Impact On Intel
- Gigabyte Goes Exreme Cold Overclocking
- Transition To 16:9 Aspect Ratio Unstoppable, Says DisplaySearch
- PDP Module Shipments Increase 10% To 1.39 Million Units In May, Says Displaybank
- Blue LEDs With Red And Green Phosphors May Become Mainstream For TV-use BLUs In 2009
- Blue LEDs With Red And Green Phosphors May Become Mainstream For TV-use BLUs In 2009
- PS3 Expected To Remain The Main Force Behind Blu-ray Sales
- Blockbuster Pulls Out of Circuit City Acquisition
- New Bags To Help Laptops Pass Through Airport Security
- ATI Radeon 4800 Forces Nvidia To Make Price Cuts For GTX 260, 280
- Solar System A Bit Squashed, Not Nicely Round
- AMD Radeon HD 4870 X2 Ready By August
- Atom Shortage May Affect Low-cost Notebook Panel Shipments In July
- Radeon Forces Nvidia GTX2XX Price Cuts
- WWF Slaps U.S. Government Over Lack Of Energy Efficiency Progress
- Scientist Warns Plasma And LCD Televisions Could Be Destroying Our Environment
