Transcript
Page 1: Internet Explorer 7 Security Features Steve Lamb Technical Security Evangelist @ Microsoft Ltd Stephen.lamb@microsoft.com

Internet Explorer 7 Security Features

Steve Lamb

Technical Security Evangelist @ Microsoft Ltd

Stephen.lamb@microsoft.com

http://blogs.technet.com/steve_lamb

Page 2:

Agenda

Lessons learned from IE in Windows XP SP2

Overview of Internet Explorer 7

Detailed features and demo

Timeline

More information

Page 3:

First, let me ask…

How many of you are using IE7 now? What build?

How can we help you?

Page 4:

Post Windows XP SP2

Strengths

Big security investments were worthwhile

Right balance of application compatibility and security

Opportunities to improve

Social attacks (phishing) as important as code execution

Bad trust decisions don’t have an “undo” option

Make life better for Web developers

Everyone wants new features

Page 5:

Internet Explorer 7

Major innovations in IE7 for Windows XP SP2

Enhanced functionality in IE7 in Windows Vista includes:

Protected Mode

Parental Controls integration

Key areas of focus:

Makes everyday tasks easier

Dynamic security protection

Improved platform and manageability

Page 6:

IE7 – New Look

Page 7:

Tabbed Browsing

Page 8:

Quick Tabs

Page 9:

Page Zoom

Before

After

Page 10:

Shrink-To-Fit Printing

Web Pages Automatically Formatted To Print Properly

Page 11:

Inline Search

Page 12:

RSS Feed Reader

Page 13:

Enhanced Validation Certificates

Clearer information about trusted sites

Trust Badge rotates to show Certificate Authority

Page 14:

Dynamic Security Protection

Internet Explorer 7

Technology to protect against technology attacks

Limit programmatic access

Reduce attack surface

Warn if settings insecure

Simplified architecture

Technology to protect against social attacks

Anti-phishing service

Secure site visuals and info

Address bar anti-spoofing

“One-click cleanup”

Page 15:

Security Features

Protecting the machine from technology attacks

Unified URL parsing

Cross-domain security enhancements

Code quality improvements to reduce buffer overruns

ActiveX Opt-in

Protected Mode (Microsoft Windows Vista only)

Protecting the user from social attacks

Download scanning with Windows Defender

Phishing Filter

High-assurance SSL and address bar

Dangerous settings notification

Secure defaults for International Domain Names

Parental controls (Windows Vista only)

Page 16:

ActiveX Opt-in & Protected Mode

Defending systems from malicious attack

ActiveX Opt-in: puts users in control

Most controls disabled

Reduces attack surface

Retain ActiveX benefits, increase user security

Protected Mode*: reduces severity of threats

IE process ‘sandboxed’ to protect OS

Eliminates silent malware install

Designed for security and compatibility

[Diagram, ActiveX Opt-in: Enabled Controls; Windows; Disabled Controls; User Action]

[Diagram, Protected Mode: User Action; IE Cache; My Computer (C:); Broker Process; Low Rights]

* Windows Vista only

Page 17:

Internet Explorer Running with Full Privileges

[Diagram labels: IExplore.exe; Install an ActiveX control; Change Settings, Download a Picture; Cache Web content; Exploit can install MALWARE; Admin Rights Access; User Rights Access; Temp Internet Files; HKLM; Program Files; HKCU; My Documents; Startup Folder; Untrusted files and settings]

Page 18:

Protected Mode Runs with Lowest Privilege

[Diagram labels: Protected Mode Internet Explorer; Install an ActiveX control; Change settings, Save a picture; Integrity Control; Broker Process; Redirected settings and files; Compat Redirector; Cache Web content; Admin Rights Access; User Rights Access; Temp Internet Files; HKLM; HKCR; Program Files; HKCU; My Documents; Startup Folder; Untrusted files and settings]

Page 19:

Security Status Bar

Makes users aware of online security and privacy

Enhanced Validation: Trusted party has provided extensive verification for the authenticity of certificate holder

Standard Security: Website provided a certificate matching the server and appears trustworthy

Phishing Filter (Warn): The website contains characteristics found in phishing websites … proceed cautiously

Incorrect Data: There are errors in the certificate provided and the website should not be trusted

Phishing Filter (Block): A warning is displayed and users are navigated away from the website

Page 20:

Phishing Filter

Client-side heuristics, allow-list, and Web service

[Diagram labels: https://urs.microsoft.com; URL Reputation Service; IEAPFLTR.DAT; Known Good URLs]

Page 21:

Phishing Filter

Populating the URL reputation service

[Diagram labels: https://urs.microsoft.com; URL Reputation Service; End User Report; Site Owner Report; Graders; Grader Confirmed Sites; Third Party Phishing databases; Mark Monitor; Cyota; Internet Identity]

Page 22:

Address Bar Everywhere

Page 23:

Fix My Settings

Page 24:

IDN Display

Page 25:

Phishing Filter – Suspicious Site

Page 26:

Phishing Filter - Blocked Site

Page 27:

Fix My Settings

Page 28:

Customer Call To Action

Read the technology overview

Upgrade to IE7 RTM

Test LOB applications and public websites

Provide feedback to Microsoft (mailto:[email protected])

Page 29:

More IE7 Information

Download the IE7 RC1 at http://www.microsoft.com/ie

Technical docs on IE Developer Center http://msdn.microsoft.com/ie

IT Administrator information on TechNet http://www.microsoft.com/technet/prodtechnol/IE/ieak7

More technical information on TechNet http://www.microsoft.com/technet/prodtechnol/IE

Follow the IE Team Blog at http://blogs.msdn.com/ie

Page 30:

Resources 1

Internet Explorer Blog http://blogs.msdn.com/ie/

Internet Explorer Feedback [email protected]

Internet Explorer Developer Center http://msdn.microsoft.com/ie/

Internet Explorer 7 Readiness Toolkit http://go.microsoft.com/fwlink/?LinkId=64421

Internet Explorer 7 App Compat Toolkit http://blogs.technet.com/all_things_appcompat/default.aspx

Internet Explorer 7 External Bug Database https://connect.microsoft.com/site/sitehome.aspx?SiteID=136

Internet Explorer Administration Kit (IEAK) 7 Beta 2 http://www.microsoft.com/technet/prodtechnol/ie/ieak7/default.mspx

Page 31:

Resources 2

Technical Chats and Webcasts http://www.microsoft.com/communities/chats/default.mspx http://www.microsoft.com/usa/webcasts/default.asp

Microsoft Learning and Certification http://www.microsoft.com/learning/default.mspx

MSDN & TechNet http://microsoft.com/msdn http://microsoft.com/technet

Virtual Labs http://www.microsoft.com/technet/traincert/virtuallab/rms.mspx

Newsgroups http://communities2.microsoft.com/communities/newsgroups/en-us/default.aspx

Technical Community Sites http://www.microsoft.com/communities/default.mspx

User Groups http://www.microsoft.com/communities/usergroups/default.mspx

Page 32:

© 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

Steve Lamb

Technical Security Evangelist @ Microsoft Ltd

Stephen.lamb@microsoft.com

http://blogs.technet.com/steve_lamb

