Microsoft yesterday announced new security features within the upcoming release of Internet Explorer 8 Beta 2.

IE8 will scan downloads and block any that it deems dangerous.

The features are designed to combat the rising tide of drive-by downloads and malicious scripts contained within carefully crafted links embedded in e-mails and websites. Most of the new features require systems to be running Windows Vista SP1 or Windows XP SP3.

Perhaps the most anticipated addition is Internet Explorer's new antimalware protection. Opera 9.5 and Firefox 3 both recently added antimalware protection. Safari has so far not announced plans for similar protection.

Using mostly its own antimalware technology, Microsoft will block emerging threats by masking the entire IE8 browser screen with a warning to users. The addition of malware protection to the existing antiphishing protection will be re-branded as the Microsoft SmartScreen filter.

IE8 Beta 2 will have a Cross Site Scripting (XSS) filter, preventing scripts within a link from executing on the browser.

Previously announced features include highlighting domain names from the rest of the URL (so you can visually see that you are on eBay.com, not some other site), and extended verification SSL.

IE 8 Beta 1 has already introduced several changes when handling ActiveX components. Components will be installed per user, which eliminates the need for everyone to have administrator privileges. In addition, you must acknowledge or opt-in for the component to run, eliminating drive-by downloads. Components will be per site and will only be available from site of origin. Finally, site developers can request killbits from Microsoft, which can be sent via Windows Update to terminate risky or outdated components.

For developers, Microsoft is improving communications between the client browser and Web server. Cross Domain Requests (CDR) is a more secure way for the browser to pull data from other domains; and Cross Domain Messaging (XDM) is a more secure means for a browser to send a message across a domain. Microsoft says it is working with other browser vendors to standardise these.

The public Beta 2 for Internet Explorer is expected sometime in August 2008.

Related links

Leave a comment

You must read and type the 6 chars within 0..9 and A..F

* indicates mandatory fields.

Log in


Sign up | Forgot your password?

Blogs

RSS feed

  • Staff A first look at Windows 7 beta

    In this week's Roundup we show you a preview of Windows 7 beta, cover news from the annual Macworld and more. Read more »

    -- posted by Staff

  • Staff Opera's new SDK: Better browsing on the Wii?

    Opera has thrown a little more love at device developers by announcing an updated version of its software development kit on Wednesday at CES. Read more »

    -- posted by Staff

  • Staff 2008: Time to call stumps

    It's another year down but some things never change. That was shown this week as Internet Explorer remained under fire from yet another zero-day exploit. In other news, we set a hard drive on fire and Apple cans its involvement with MacWorld. Read more »

    -- posted by Staff

What's on?