Enterprise security features in IE 8

Shane O'Neill

In recent years, Internet Explorer has lost its market share while some other browsers, such as Mozilla's Firefox, Apple's Safari, or even a recent browser from Google Chrome have increased. Significant growth.

However, Microsoft is hoping to regain IE's previous position in the user with Internet Explorer 8 version, which was released in late January and has received a lot of praise for Its security features as well as remaining criticism of resource-intensive consumption.

Microsoft has not yet made a specific announcement about when it will release IE 8 to manufacturers. But according to TechARP.com, a website has made a true prediction of the RTM date for previous versions of Windows, predicting that Microsoft will release their new browser this month.

So IE 8 has advantages compared to previous versions or other browsers. In this article we will show you some security and privacy features in Internet Explorer 8.

Indeed, the more online business applications are, the more secure the browser becomes the top priority for IT managers and there is an endless debate about which browser is more secure. IE or Firefox.

Some statements from Microsoft about security and privacy features in IE8 said that Microsoft hopes to keep business users' productivity and their security against attacks.

Automatic disaster recovery

Everyone must have dealt with a browser crash, its consequence is losing your data and having to perform a reboot.

In this regard, Microsoft promised that Internet Explorer 8 was built on the architecture to limit the breakdown. If a website breaks down in a certain tab, only that tab is affected, while the browser itself and other open tabs continue as if nothing happens.

In the past, if there was an error in a web page and it crashed, this crash would cause the entire browser or even the operating system to crash. IE8 will automatically restore the broken tab when it detects a problem and then take you back to the site before it crashes.

SmartScreen Filter

The SmartScreen Filter feature has been reinforced in IE8 to deal with many complex ways that hackers and malicious sites spread viruses or steal personal information.

The SmartScreen Filter blocks phishing sites for downloading malicious software. Users must make the option to enable or disable SmartScreen but in general it is recommended to enable this feature.

When this feature is enabled, you want to visit a site that is considered unsafe, the site will have a red screen to remind you not to continue your web surfing action on this site. . It gives the option "Disregard and continue (not recommended)" but IT managers can remove this option to "keep users from having to make a trust decision without knowledge to make a decision of trust".

However, one of the main threats to users is that bad sites disguise themselves as good sites. There are many disguised sites like anti-spyware sites when they actually download spyware, then SmartScreen Filter will recognize them as a scam and warn users that they should not take actions here. .

Cross-Site Scripting Filter

Cross-site scripting (XSS) attacks are one of the top exploits for web users. XSS allows malicious code to infect websites and may lead to information disclosure or like information theft.

What matters most to XSS is: everything is normal for users while allowing an attacker to illegally access and lose sensitive data.

XSS Filter, a new feature in IE8, can check all requests and respond through the browser. When it recognizes an XSS in a request, IE8 blocks the malicious script from executing.

This feature will recognize that the website is performing an unsatisfactory behavior and therefore will block it without much notice to the user.

Clickjack Prevention feature

In the RC version of IE8, the Clickjack Prevention feature allows website content owners to place a tag on the page's header to block clickjack, a cross-site scripting style that uses an embed code to trick users. Click on a link that appears to perform other actions.

With clickjacking, users think he is clicking on tangible nodes, while doing action in some invisible page. The danger of clickjacking is that clicking on some hidden web component can cause serious results in a session you don't want. IE8 will detect these problems and display an error screen telling you that the content from a particular host is being used by someone.

For example, if someone tries to embed your bank's website into another website, IE8 will realize that the content of the bank's website is part of the clickjacking site and needs to be turned off.

Mark the domain name

This is the most tangible feature in IE8, but can help users take the necessary vigilant actions.

Using domain name markup, IE8 will automatically black out the domain name of a URL in the address bar while the rest of the address will only be displayed in gray. If the domain name is blackened as an authentic domain, such as quantrimang.com or quantrimang.com.vn, the user will know that the site they are visiting is valid, not a fake site.

For example, in IE8's address bar, this site will be a real reliable site:

http:/// www. quantrimang .com.vn / kienthuc / website-co-ban / 54392_Internet_Explorer_8_cai_tien_them_ve_su_rieng_tu_va_bao_mat.aspx

This site is not reliable:

http:/// www. .com / kienthuc / admin-co-ban / 54392_Internet_Explorer_8_cai_tien_them_ve_su_rieng_tu_va_bao_mat.aspx

This feature is the easiest way for both business users and home users to help them avoid compromising personal information by bad sites.