Internet Explorer 7 Security Features Steve Lamb Technical Security Microsoft Ltd

Agenda Lessons learned from IE in Windows XP SP2 Overview of Internet Explorer 7 Detailed features and demo Timeline More information

First, Let me ask… How many of you are using IE7 now? What build? How can we help you?

Post Windows XP SP2 Strengths Big security investments were worthwhile Right balance of application compatibility and security Opportunities to improve Social attacks (phishing) as important as code execution Bad trust decisions don ’ t have an “ undo ” option Make life better for Web developers Everyone wants new features

Internet Explorer 7 Major innovations in IE7 for Windows XP SP2 Enhanced functionality in IE7 in Windows Vista includes: Protected Mode Parental Controls integration Key areas of focus: Makes everyday tasks easier Dynamic security protection Improved platform and manageability

IE7 – New Look

Tabbed Browsing

Quick Tabs

Page Zoom Before After

Shrink-To-Fit Printing Web Pages Automatically Formatted To Print Properly

Inline Search

RSS Feed Platform Automatic Delivery Of Personalized Information Windows Supports RSS Feeds in Three Ways – Discover, subscribe & read as you browse – Update all feeds with a single click – Provides Common Feed List and Feed Store to enable any application to easily support RSS – Enables new scenarios via Simple List Extensions, giving RSS feeds the power to do moreBrowsersReadersAppsWebsites

RSS Feed Reader

Enhanced Validation Certificates Clearer information about trusted sites Trust Badge rotates to show Certificate Authority

15 Dynamic Security Protection Internet Explorer 7 Technology to protect against technology attacks Limit programmatic access Reduce attack surface Warn if settings insecure Simplified architecture Technology to protect against social attacks Anti-phishing service Secure site visuals and info Address bar anti-spoofing “One-click cleanup”

Security Features Protecting the machine from technology attacks Unified URL parsing Cross-domain security enhancements Code quality improvements to reduce buffer overruns ActiveX Opt-in Protected Mode (Microsoft Windows Vista only) Protecting the user from social attacks Download scanning with Windows Defender Phishing Filter High-assurance SSL and address bar Dangerous settings notification Secure defaults for International Domain Names Parental controls (Windows Vista only)

ActiveX Opt-in & Protected Mode Defending systems from malicious attack ActiveX Opt-in: puts users in control Most controls disabled Reduces attack surface Retain ActiveX benefits, increase user security Protected Mode*: reduces severity of threats IE process ‘sandboxed’ to protect OS Eliminates silent malware install Designed for security and compatibility ActiveX Opt-in Enabled Controls Windows Disabled Controls User Action Protected Mode User Action IE Cache My Computer (C:) Broker Process Low Rights * Windows Vista only

Change Settings, Download a Picture Exploit can install MALWARE IExplore.exe Install an ActiveX control Cache Web content Exploit can install MALWARE Admin Rights Access User Rights Access Temp Internet Files HKLM Program Files HKCU My Documents Startup Folder Untrusted files and settings Internet Explorer Running with Full Privileges

ProtectedMode Internet Explorer Install an ActiveX control Change settings, Save a picture Integrity Control Broker Process Redirected settings and files Compat Redirector Cache Web content Admin Rights Access User Rights Access Temp Internet Files HKLMHKCR Program Files HKCU My Documents Startup Folder Untrusted files and settings Broker Process Protected Mode Runs with Lowest Privilege

20 Security Status Bar Makes users aware of online security and privacy Enhanced Validation Standard Security Phishing Filter (Warn) Trusted party has provided extensive verification for the authenticity of certificate holder Website provided a certificate matching the server and appears trustworthy The website contains characteristics found in phishing websites … proceed cautiously Incorrect Data There are errors in the certificate provided and the website should not be trusted Phishing Filter (Block) A warning is displayed and users are navigated away from the website

IEAPFLTR.DAT Known Good URLs Phishing Filter Client-side heuristics, allow-list, and Web service URL Reputation Service

Phishing Filter Populating the URL reputation service End User Report Grader Confirmed Sites Site Owner Report Third Party Phishing databases URL Reputation Service

Address Bar Everywhere

Fix My Settings

IDN Display

Phishing Filter – Suspicious Site

Phishing Filter - Blocked Site

Fix My Settings

Customer Call To Action Read the technology overview Upgrade to IE7 RTM Test LOB applications and public websites Provide feedback to Microsoft

More IE7 Information Download the IE7 RC1 at Technical docs on IE Developer Center IT Administrator information on Technet ol/IE/ieak7 ol/IE/ieak7 More technical information on TechNet ol/IE ol/IE Follow the IE Team Blog at

Resources 1 Internet Explorer Blog Internet Explorer Feedback Alias Internet Explorer Developer Center Internet Explorer 7 Readiness Toolkit Internet Explorer 7 App Compat Toolkit Internet Explorer 7 External Bug Database Internet Explorer Administration Kit (IEAK) 7 Beta 2

Resources 2 Technical Chats and Webcasts Microsoft Learning and Certification MSDN & TechNet Virtual Labs Newsgroups communities/newsgroups/en-us/default.aspx Technical Community Sites User Groups

© 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. Steve Lamb Technical Security Microsoft Ltd