Microsoft is planning two new security features for the upcoming beta version of Internet Explorer 8.
The IE8 Beta 2 release will include software designed to filter out phishing attempts and cross-site scripting attacks.
Smart Screen, which is based on the phishing filter in IE7, blocks known phishing URLs. The new version sports improved heuristics and can analyse entire URL strings for phishing site detection.
The filter will also detect and warn users when a download has been performed from a site reported for distributing malware.
This could help foil social engineering attacks in which the user is tricked into launching a malicious application.
Microsoft is also planning to release a filter for cross-site scripting attacks, in which data from a compromised page is switched with a page from a malicious site without the user's knowledge.
The filter will attempt to shield users from the popular 'type 1' attack which is often used to steal user information.
The filter monitors incoming and outgoing information requests from the browser and blocks the transmission of potential cross-site scripting attacks while warning the user of the dangerous action.
The new features will join a security package in IE8 that also includes HTML and JavaScript sanitising tools and improved security for Mime content.
Microsoft expects to release IE8 Beta 2 in August.
See also:
Software giant makes break with proprietary past 26 Mar 2008
Developers get their hands on latest web offerings 06 Mar 2008
Auto-update distribution pushes browser share to 25 per cent 17 Jan 2007All Enterprise Security Technology Tags: Microsoft, Internet-explorer, Security, Software
del.icio.us
Digg this
reddit!
