internet explorer 7 security features steve lamb technical security evangelist @ microsoft ltd...
TRANSCRIPT
![Page 1: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/1.jpg)
Internet Explorer 7Internet Explorer 7Security FeaturesSecurity Features
Steve LambSteve LambTechnical Security Evangelist @ Microsoft LtdTechnical Security Evangelist @ Microsoft [email protected]@microsoft.comhttp://blogs.technet.com/steve_lambhttp://blogs.technet.com/steve_lamb
![Page 2: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/2.jpg)
AgendaAgenda
Lessons learned from IE in Windows XP SP2
Overview of Internet Explorer 7
Detailed features and demo
Timeline
More information
![Page 3: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/3.jpg)
First, Let me ask…First, Let me ask…
How many of you are using IE7 now?What build?
How can we help you?
![Page 4: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/4.jpg)
Post Windows XP SP2Post Windows XP SP2Strengths
Big security investments were worthwhile
Right balance of application compatibility and security
Opportunities to improveSocial attacks (phishing) as important as code execution
Bad trust decisions don’t have an “undo” option
Make life better for Web developers
Everyone wants new features
![Page 5: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/5.jpg)
Internet Explorer 7Internet Explorer 7Major innovations in IE7 for Windows XP SP2
Enhanced functionality in IE7 in Windows Vista includes:
Protected ModeParental Controls integration
Key areas of focus:Makes everyday tasks easierDynamic security protectionImproved platform and manageability
![Page 6: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/6.jpg)
IE7 – New LookIE7 – New Look
![Page 7: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/7.jpg)
Tabbed BrowsingTabbed Browsing
![Page 8: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/8.jpg)
Quick TabsQuick Tabs
![Page 9: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/9.jpg)
Page ZoomPage Zoom
BeforeBefore AfterAfter
![Page 10: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/10.jpg)
Shrink-To-Fit PrintingShrink-To-Fit PrintingWeb Pages Automatically Formatted To Print ProperlyWeb Pages Automatically Formatted To Print Properly
![Page 11: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/11.jpg)
Inline SearchInline Search
![Page 12: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/12.jpg)
RSS Feed ReaderRSS Feed Reader
![Page 13: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/13.jpg)
Enhanced Validation CertificatesEnhanced Validation Certificates
Clearer information about trusted sites
Trust Badge rotates to show Certificate Authority
![Page 14: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/14.jpg)
1515
Dynamic Security ProtectionDynamic Security ProtectionInternet Explorer 7Internet Explorer 7
Technology to protect Technology to protect against against technology technology attacksattacks
Limit programmatic accessLimit programmatic access
Reduce attack surfaceReduce attack surface
Warn if settings insecureWarn if settings insecure
Simplified architectureSimplified architecture
Technology to protect Technology to protect against against social attackssocial attacks
Anti-phishing serviceAnti-phishing service
Secure site visuals and infoSecure site visuals and info
Address bar anti-spoofingAddress bar anti-spoofing
““One-click cleanup”One-click cleanup”
![Page 15: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/15.jpg)
Security FeaturesSecurity FeaturesProtecting the machine from technology attacks
Unified URL parsingCross-domain security enhancementsCode quality improvements to reduce buffer overrunsActiveX Opt-inProtected Mode (Microsoft Windows Vista only)
Protecting the user from social attacksDownload scanning with Windows DefenderPhishing FilterHigh-assurance SSL and address barDangerous settings notificationSecure defaults for International Domain NamesParental controls (Windows Vista only)
![Page 16: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/16.jpg)
ActiveX Opt-in & Protected ActiveX Opt-in & Protected ModeModeDefending systems from malicious attackDefending systems from malicious attackActiveX Opt-in: puts users in control
Most controls disabled
Reduces attack surface
Retain ActiveX benefits, increase user security
Protected Mode*: reduces severity of threatsIE process ‘sandboxed’ to protect OS
Eliminates silent malware install
Designed for security and compatibility
ActiveX Opt-inActiveX Opt-in
EnabledEnabledControlsControls
WindowsWindows
DisabledDisabledControlsControlsUserUser
ActioActionn
Protected ModeProtected Mode
UserUser
ActioActionn
IEIECacheCache My Computer (C:)My Computer (C:)
BrokerBrokerProcessProcess
Low RightsLow Rights
* Windows Vista only
![Page 17: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/17.jpg)
Change Change Settings,Settings,
Download a Download a PicturePictureExploit can Exploit can
install install MALWAREMALWARE
IExplore.exeIExplore.exe
Install an Install an ActiveXActiveXcontrolcontrol
Cache Web Cache Web contentcontent
Exploit can Exploit can install install
MALWAREMALWARE
Admin Rights AccessAdmin Rights Access
User Rights AccessUser Rights Access
Temp Internet FilesTemp Internet Files
HKLMHKLM
Program FilesProgram Files
HKCUHKCU
My DocumentsMy Documents
Startup FolderStartup Folder
Untrusted files and Untrusted files and settingssettings
Internet Explorer Running Internet Explorer Running with Full Privilegeswith Full Privileges
![Page 18: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/18.jpg)
ProtectedProtectedModeMode
Internet Internet ExplorerExplorer
Install an Install an ActiveX ActiveX controlcontrol
Change Change settings, settings,
Save a Save a picturepicture
Inte
gri
ty C
on
trol
Inte
gri
ty C
on
trol
Bro
ker
Pro
cess
Bro
ker
Pro
cess
Redirected settings Redirected settings and filesand files
Com
pat
Red
irect
or
Com
pat
Red
irect
or
CacheCache Web content Web content
Admin Rights AccessAdmin Rights Access
User Rights AccessUser Rights Access
Temp Internet FilesTemp Internet Files
HKLMHKLM
HKCRHKCR
Program FilesProgram Files
HKCUHKCU
My DocumentsMy Documents
Startup FolderStartup Folder
Untrusted files and Untrusted files and settingssettings
Bro
ker
Pro
cess
Bro
ker
Pro
cess
Protected Mode Runs with Protected Mode Runs with Lowest PrivilegeLowest Privilege
![Page 19: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/19.jpg)
2020
Security Status BarSecurity Status Bar
Makes users aware of online security and Makes users aware of online security and privacyprivacyEnhanced ValidationEnhanced Validation
Standard SecurityStandard Security
Phishing Filter Phishing Filter (Warn)(Warn)
Trusted party has provided extensive Trusted party has provided extensive verification for the authenticity of verification for the authenticity of certificate holdercertificate holder
Website provided a certificate matching Website provided a certificate matching the server and appears trustworthythe server and appears trustworthy
The website contains characteristics found The website contains characteristics found in phishing websites … proceed cautiouslyin phishing websites … proceed cautiously
Incorrect DataIncorrect Data There are errors in the certificate provided There are errors in the certificate provided and the website should not be trustedand the website should not be trusted
Phishing Filter Phishing Filter (Block)(Block)
A warning is displayed and users are A warning is displayed and users are navigated away from the websitenavigated away from the website
![Page 20: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/20.jpg)
https://https://urs.microsoft.comurs.microsoft.com
IEAPFLTR.DATIEAPFLTR.DAT
Known Good URLsKnown Good URLs
Phishing FilterPhishing FilterClient-side heuristics, allow-list, Client-side heuristics, allow-list, and Web serviceand Web service URL Reputation ServiceURL Reputation Service
![Page 21: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/21.jpg)
Phishing FilterPhishing FilterPopulating the URL reputation Populating the URL reputation serviceservice
https://https://urs.microsoft.comurs.microsoft.comEnd User End User
ReportReport
Graders
Grader Grader ConfirmeConfirmeddSitesSites
Site OwnerSite OwnerReportReport
Mark Monitor
CyotaInternet Identity
Third Party Phishing Third Party Phishing databasesdatabases
URL Reputation ServiceURL Reputation Service
![Page 22: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/22.jpg)
Address Bar EverywhereAddress Bar Everywhere
![Page 23: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/23.jpg)
Fix My SettingsFix My Settings
![Page 24: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/24.jpg)
IDN DisplayIDN Display
![Page 25: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/25.jpg)
Phishing Filter – Suspicious SitePhishing Filter – Suspicious Site
![Page 26: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/26.jpg)
Phishing Filter - Blocked SitePhishing Filter - Blocked Site
![Page 27: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/27.jpg)
Fix My SettingsFix My Settings
![Page 28: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/28.jpg)
Customer Call To ActionCustomer Call To Action
Read the technology overview
Upgrade to IE7 RTM
Test LOB applications and public websites
Provide feedback to Microsoft (mailto:[email protected])
![Page 29: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/29.jpg)
More IE7 InformationMore IE7 InformationDownload the IE7 RC1 at http://www.microsoft.com/ieTechnical docs on IE Developer Centerhttp://msdn.microsoft.com/ie IT Administrator information on Technet http://www.microsoft.com/technet/prodtechnol/IE/ieak7More technical information on TechNet http://www.microsoft.com/technet/prodtechnol/IEFollow the IE Team Blog athttp://blogs.msdn.com/ie
![Page 30: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/30.jpg)
Resources 1Resources 1Internet Explorer Bloghttp://blogs.msdn.com/ie/
Internet Explorer Feedback [email protected]
Internet Explorer Developer Center http://msdn.microsoft.com/ie/
Internet Explorer 7 Readiness Toolkithttp://go.microsoft.com/fwlink/?LinkId=64421
Internet Explorer 7 App Compat Toolkithttp://blogs.technet.com/all_things_appcompat/default.aspx
Internet Explorer 7 External Bug Databasehttps://connect.microsoft.com/site/sitehome.aspx?SiteID=136
Internet Explorer Administration Kit (IEAK) 7 Beta 2http://www.microsoft.com/technet/prodtechnol/ie/ieak7/default.mspx
![Page 31: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/31.jpg)
Resources 2Resources 2Technical Chats and Webcastshttp://www.microsoft.com/communities/chats/default.mspx http://www.microsoft.com/usa/webcasts/default.asp
Microsoft Learning and Certificationhttp://www.microsoft.com/learning/default.mspx
MSDN & TechNet http://microsoft.com/msdnhttp://microsoft.com/technet
Virtual Labshttp://www.microsoft.com/technet/traincert/virtuallab/rms.mspx
Newsgroupshttp://communities2.microsoft.com/communities/newsgroups/en-us/default.aspx
Technical Community Siteshttp://www.microsoft.com/communities/default.mspx
User Groupshttp://www.microsoft.com/communities/usergroups/default.mspx
![Page 32: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com](https://reader036.vdocument.in/reader036/viewer/2022062407/56649da95503460f94a96c73/html5/thumbnails/32.jpg)
© 2006 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Steve LambSteve LambTechnical Security Evangelist @ Microsoft LtdTechnical Security Evangelist @ Microsoft [email protected]@microsoft.comhttp://blogs.technet.com/steve_lambhttp://blogs.technet.com/steve_lamb