July 2nd, 2008

Anti-malware blocker, cross-site scripting protections coming in IE 8

Posted by Ryan Naraine @ 9:36 am

Categories: Arbitrary Code Execution, Browsers, Complex Attacks, Data theft, Exploit code, Firefox, Malware, Microsoft, Passwords, Patch Watch, Spyware and Adware, Viruses and Worms, Web 2.0, Windows Vista

Tags: XSS, Microsoft Internet Explorer, SmartScreen Filter, Web Browsers, Internet, Ryan Naraine

When Microsoft’s Internet Explorer 8 hits the Beta 2 milestone in August, the browser makeover will feature a full-fledged anti-malware blocker and new protections against some forms of cross-site scripting attacks.

The existing phishing filter in IE 7 has been renamed SmartScreen Filter and will include blacklist-based blocking of known exploit sites.

The SmartScreen anti-malware feature is URL-reputation-based, which means that it evaluates the servers hosting downloads to determine if those servers are known to distribute unsafe content. SmartScreen’s reputation-based analysis works in concert with other signature-based anti-malware technologies like the Malicious Software Removal Tool, Windows Defender, and Windows Live OneCare, in order to provide comprehensive protection against malicious software.

Data from Microsoft’s existing security partners will be used to power the new SmartScreen Filter and there is a chance that new third-party providers will be included.  Google’s blacklist, which now powers the anti-malware blocker in Firefox 3, is not included.

Also new in IE 8 Beta 2 is an XSS Filter to detect Type-1 (reflection) attacks that can lead to cookie theft, keystroke logging, Web site defacement and credentials theft:

The XSS Filter operates as an IE8 component with visibility into all requests / responses flowing through the browser. When the filter discovers likely XSS in a cross-site request, it identifies and neuters the attack if it is replayed in the server’s response. Users are not presented with questions they are unable to answer – IE simply blocks the malicious script from executing.
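The request/response matching described above can be modelled in a few lines. This is an added example, not Microsoft's code: the heuristics, the rule that a missing referrer counts as cross-site, the HTML-encoding used to neuter a match, and the hosts shop.example and forum.example are all assumptions made for illustration.

```javascript
// Simplified model of a reflected-XSS filter. The heuristics and the
// neutering strategy are assumptions for illustration, not IE8's rules.
const HEURISTICS = [
  /<script\b/i,        // opening script tag
  /\bon[a-z]+\s*=/i,   // inline event-handler attribute such as onerror=
  /javascript\s*:/i,   // javascript: URL scheme
];

const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
const escapeHtml = (s) => s.replace(/[&<>"']/g, (c) => ENTITIES[c]);

// Decoded query parameters of the request that look like script injection.
function suspiciousParams(requestUrl) {
  return [...new URL(requestUrl).searchParams]
    .filter(([, value]) => HEURISTICS.some((re) => re.test(value)))
    .map(([name, value]) => ({ name, value }));
}

// A request counts as cross-site when it has no referrer or the referrer's
// origin differs from the target's (assumption of this model).
function isCrossSite(referrerUrl, requestUrl) {
  return !referrerUrl || new URL(referrerUrl).origin !== new URL(requestUrl).origin;
}

// Inspect one request/response pair. The response is changed only where a
// suspicious value from a cross-site request is echoed back verbatim.
function filterResponse(referrerUrl, requestUrl, responseBody) {
  const result = { blocked: [], body: responseBody };
  if (!isCrossSite(referrerUrl, requestUrl)) return result;
  for (const { name, value } of suspiciousParams(requestUrl)) {
    if (!result.body.includes(value)) continue; // not replayed, leave it alone
    // Neuter: HTML-encode the reflected copy so it renders as inert text.
    result.body = result.body.split(value).join(escapeHtml(value));
    result.blocked.push(name);
  }
  return result;
}

// Constructed sample traffic (hypothetical hosts).
const REQ = 'https://shop.example/search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E';
const ECHOED = '<p>Results for <script>alert(1)</script></p>';
console.log(filterResponse('https://forum.example/t/1', REQ, ECHOED));
```

A response in which the server has already encoded the value is left untouched, as is any same-site request, which is why a filter of this kind only covers the reflected case.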


The new beta refresh will also include support for safer Web 2.0-type mashups, DEP (data execution protection) turned on by default in Windows Vista SP 1, domain highlighting to help flag phishing attacks and changes to the way ActiveX controls are handled.

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal.



