Internet Explorer 8 Beefed Up Against Hackers And Phishers

*SRTDodge05* · 07-02-2008, 09:55 PM

Redmond (WA) - Microsoft is beefing up its upcoming Internet Explorer 8 browser with several security improvements against hackers and phishers. Eric Lawrence, Microsoft’s program manager of Internet Explorer security, says IE 8 Beta 1 will have more defenses against cross-site scripting, malware protection and URL highlighting. File upload paths will also be changed to read only. This will prevent hackers from reading direct paths to important files.

Perhaps the most important addition will be the cross-site scripting or XSS Filter that will provide defense against exploits that can steal cookies, credentials and even keystrokes. Despite this protection, Lawrence warns that web developers shouldn’t get too complacent about letting IE take care of security. He adds, "because this feature is only available in IE8, it’s important that web developers provide additional defense-in-depth and work to eliminate XSS vulnerabilities in their sites. Preventing XSS on the server-side is much easier that catching it at the browser"
Internet Explorer 8 Beefed Up Against Hackers And Phishers - Tom's Guide

07-02-2008, 09:55 PM	#1
SRTDodge05 Grab Life By The Balls Join Date: Jan 2003 Location: Michigan Posts: 7,830	Internet Explorer 8 Beefed Up Against Hackers And Phishers Redmond (WA) - Microsoft is beefing up its upcoming Internet Explorer 8 browser with several security improvements against hackers and phishers. Eric Lawrence, Microsoft’s program manager of Internet Explorer security, says IE 8 Beta 1 will have more defenses against cross-site scripting, malware protection and URL highlighting. File upload paths will also be changed to read only. This will prevent hackers from reading direct paths to important files. Perhaps the most important addition will be the cross-site scripting or XSS Filter that will provide defense against exploits that can steal cookies, credentials and even keystrokes. Despite this protection, Lawrence warns that web developers shouldn’t get too complacent about letting IE take care of security. He adds, "because this feature is only available in IE8, it’s important that web developers provide additional defense-in-depth and work to eliminate XSS vulnerabilities in their sites. Preventing XSS on the server-side is much easier that catching it at the browser" Internet Explorer 8 Beefed Up Against Hackers And Phishers - Tom's Guide __________________
(Offline)

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode