With the release of Windows Vista, you can expect to use the newest and most secure version of Microsoft's Web browser to date. New features in Internet Explorer 7 help to prevent the inception and spread of malware. To help protect a user's personal information and the security of Vista in general, IE 7 comes with many new advances in security and tools to help prevent or limit damage from an attack.
One simple change is with the Secure Sockets Layer (SSL) protection offered when using the browser. Commonly, a padlock icon will show up at the bottom of the browser indicating that you are entering a secure site that uses encryption technologies. Now, the new security status bar helps by showing you in clearer terms that a site you are visiting is safe. The padlock also appears closer to the top of the browser and is highlighted blue when safe. This is but one very simple example of things that have changed to make your browsing experience easier and safer.
Basic Browser Behavior
This article is excerpted from Vista for IT Security Professionals. To order this book, please visit Syngress.
Browser Exploits
Web browsers are client software programs, such as IE7, Netscape, and Opera, that connect to servers running Web server software (such as IIS or Apache) and request Web pages via a URL, which is a friendly address that represents an IP address and particular files on the server at that address. The browser receives files that are encoded (usually in Hypertext Markup Language [HTML]) and must interpret the code or markup that determines how the page will be displayed on the user's monitor.
Browsers are open to a number of attack types. The embedded scripts (and even some of the markup language) can be used to exploit your browser. With Internet Explorer 7, new tools such as the Phishing Filter help to thwart these attacks.
Early browser programs were fairly simple and could be exploited by using minimal techniques. Today's browsers are highly complex, signaling the need to secure them even further. These newer browsers are capable of not only displaying text and graphics, but also playing sound files and movies and running executable code. The browser software also usually stores information about the computer on which it is installed, as well as the user (via data stored as cookies on the local hard disk), which can be uploaded to Web servers, either deliberately by the user, or in response to code on a Web site.
These characteristics serve useful purposes. Support for running code (as active content such as Java, JavaScript, and ActiveX) allows Web designers to create pages that interact with users in sophisticated ways. Cookies allow users to set preferences on sites that will be retained the next time they visit the site.
However, hackers and attackers can exploit these characteristics in many ways. For example, an attacker can program a Web site to run code that transfers a virus to the client computer through the browser, erases key system files, or plants a backdoor program that then allows the hacker to take control of the user's system.