Chapter 8. Securing Internet Explorer

Since its release, Internet Explorer (IE) has been Microsoft's weakest security point. As the most common browser in the world, it is a malicious hacker's most popular target. Nearly 85 percent of the world's computers run IE (see http://en.wikipedia.org/wiki/Usage_share_of_web_browsers). By exploiting IE vulnerabilities, hackers and criminals gain the largest possible foothold into the greatest number of potential victim machines.

Secunia (http://secunia.com/product/11) lists over a hundred Internet Explorer 6.x vulnerabilities, many remaining unpatched for a year or longer. Consequently, many Windows users are exploring browser alternatives. Fire-fox and other competing Internet browsers have gained notable market share over the last two years.

To decrease the risk of new malicious attacks utilizing IE and to restore consumer confidence, Microsoft created Internet Explorer 7.0. It contains dozens of security and feature improvements. IE 7.0 was pushed down as a critical upgrade for Windows XP Pro near the end of 2006, and is the installed browser of Windows Vista. Chapter 8 will cover the security features of IE 7 and discuss how to secure Internet browsing.

Should You Use Another Browser?

Many security "experts" recommend that IE be replaced by some other "more secure" Internet browser. Often they recommend Mozilla Firefox (www.mozilla.com/firefox), Safari (www.apple.com/macosx/features/safari), Opera (www.opera.com), or one of the other less ...

Get WINDOWS VISTA™ SECURITY: Securing Vista Against Malicious Attacks now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.