Internet Explorer Security

Article (28)

Internet Explorer 8 security guide
Learn about Internet Explorer 8's security features and how to put them to work.
Is Internet Explorer's Enhanced Security Configuration worth the trouble?
Internet Explorer's Enhanced Security Configuration mode in Windows Server is seen as an annoyance by some security pros. But as we explore in this story, the software has plenty of upside if treated right.
How to configure access control lists to boost Internet Explorer Security
Read this tip to learn about access control lists (ACLs) and how they can repel attacks targeting Internet Explorer.
IE 8's Group Policy settings
Internet Explorer 8's treatment of group policy settings offers some nice new features for security professionals.
End users will need lessons to understand IE8's security boost
New features in IE 8 will improve security, but as they are not obvious, end users will need to be shown the new tools to put them to work.
Inside Internet Explorer 8's new security features
IE 8's new security features have experts purring, but browsers in general remain a hacker's easiest way into an enterprise.
UPDATE - Microsoft to issue emergency patch for IE flaw
Microsoft has upgraded its warnings about the security of Internet Explorer.
IE 7 under attack from unpatched flaw
Patch Tuesday seems to have missed a flaw in IE7 and the bad guys are already pouring through the breach
Internet Explorer 8, beta 2, has plenty to excite security pros
Internet Explorer 7 did not delight security professionals. Its successor, IE 8, looks more promising.
ActiveX security improves with Internet Explorer 8's security features
Although Internet Explorer 8 is not necessarily going to be a security-centric release, it does include some rather promising new security features. It's still too early to tell whether or not the browser's new security features are going to put an end to the browser hijacking problem, but at least one expert says they will help to some degree.
IE 8 will clamp down on cross-site scripting
Microsoft is planning to add a series of new security features to the next version of its Internet Explorer browser, including protection against cross-site scripting attacks.
Internet Explorer open to spoofing, scripting attacks
A zero-day vulnerability in Internet Explorer (IE) leaves the browser open to an attack that could allow someone to capture the keystrokes of a victim.
New security features in IE 8
Brien Posey looks at new web security features in Microsoft's latest browser.
Microsoft security update causes IE meltdown
Some users are reporting problems with Internet Explorer after installing Microsoft's MS07-069 security update.
IE in patch Tuesday limelight for August
Two of Microsoft's critical patches this month fix problems that deal with -- surprise -- vulnerabilities in all versions of Internet Explorer.
Microsoft to update critical Windows, Office, flaws
Nine security bulletins will be released Tuesday to patch flaws in Windows, Office, IE and Virtual PC, Microsoft said. Six of the bulletins are expected to be critical.
Microsoft confirms new IE flaw
Attackers could exploit a new flaw in Internet Explorer (IE) to access local files on targeted systems, Microsoft confirmed Tuesday.
Microsoft patches IE flaw early
Updated: Attacks against the Internet Explorer VML flaw were increasing to the point where Microsoft saw the need to fix it outside its normal patch cycle.
IE attacks intensify, third-party patch issued
As more exploits target the VML flaw in Internet Explorer, a third-party fix patch is released and security organizations raise their alert status.
Security Bytes: Zero-day attack targets IE
In other news: The Department of Homeland Security (DHS) names a new cybersecurity chief and a new worm uses AOL Instant Messenger to spread.
Microsoft warns of new Internet Explorer threat
Days after Patch Tuesday, Microsoft warned of a new threat against Internet Explorer. Attackers could exploit it to crash machines or take them over.
Microsoft probes alleged Internet Explorer flaw
A research group claims attackers could launch malicious code using a flaw in the way Internet Explorer instantiates certain COM objects' ActiveX controls.
Update: Microsoft fixes faulty Internet Explorer patch
Update: Microsoft has fixed a faulty browser fix that enabled an exploitable condition. Sources say a compatibility problem with Systems Management Server delayed the fix.
Update: Microsoft's fixes 23 flaws, DHS urges action
Updated: Microsoft releases a dozen August security updates, nine critical. The Department of Homeland Security says one fix in particular should be implemented immediately.
Third-party Microsoft patches could get new life
News analysis: Microsoft's process for providing security fixes is as orderly and predictable as it has ever been, but some believe the software giant's methodical nature may lead to more third-party patches.
Microsoft to patch critical Windows, Office flaws
The software giant plans to release seven security bulletins Tuesday: four for Windows and three for Office. Some of the patches will fix critical flaws.
Microsoft releases 13 security patches, eight critical
The baker's dozen of new patches includes 12 new ones that address flaws in Internet Explorer and Word, plus a re-release of a patch first issued in March.
Microsoft to release 12 June security fixes
June's "Patch Tuesday" security bulletins will feature nine Windows fixes, including a cumulative update for Internet Explorer, plus a pair of patches for Office and one for Exchange.

News (18)

Microsoft investigating new IE flaw
Microsoft is looking into a new IE flaw that coud see a malicious web site run code on your machines.
Microsoft warns of data leakage from new IE zero-day
Windows XP users running Internet Explorer have a new zero-day to worry about. The flaw could result in data leakage.
Microsoft releases emergency IE patch
Microsoft has released a fix for several flaws in Internet Explorer, including a zero-day vulnerability that has been widely exploited.
Internet Explorer emergency patch on the way
Microsoft will patch Internet Explorer to prevent an attack that can now target all versions of the browser.
IE 6 the source of Google hacks
The attacks on Google and other technology companies were executed using Internet Explorer 6.0, Microsoft says.
Microsoft admits IE zero-day used in attacks on Google, Adobe
Microsoft has admitted to a flaw in most versions of Internet Explorer that has been exploited in targeted attacks on Google, Adobe and other firms.
Internet Explorer gets a major makeover as December's Microsoft patches land
Microsoft's last batch of patches for 2010 constitute a bic security boost for its Internet Explorer browser, while IPsec flaws also get three fixes.
Internet Explorer zero-day under attack
An unptached cascading style sheet (CSS) handling error in IE is under attack, says Symantec.
Microsoft fixes broken patch
Microsoft has patched a dodgy patch that made Internet Explorer behave badly.
IE XML attack expands with Word variant
Hackers have found another way to exploit the recent IE XML flaw, based on distributing infected Word files.
Adobe patches zero day PDF flaw
The popular document reader has a nasty flaw that can be accessed via IE 7.
BugWatch: Microsoft curses cursors
New flaws in Microsoft and Cisco products dominate this week's BugWatch.
BugWatch: Phishing flaw in IE7?
A prominent security researcher believes Internet Explorer may be a potential source of phishing attacks.
What's hot in Windows security: Updating Windows Update; new IE scare
Learn about a new Internet Explorer (IE) security flaw and stealth downloads in Microsoft's Windows Update service.
Zero-day flaws affect Firefox, IE]
A researcher published details on four new zero-day flaws affecting Firefox and Internet Explorer. They could be exploited to log keystrokes, download malware and steal cookies.
BugWatch: Exploit code out for Internet Explorer flaw
Websense Security Labs warned that exploit code targeting the Internet Explorer MDAC flaw has been published. Microsoft released a patch for the flaw in February.
Zero-day attacks target Microsoft Visual Studio
Microsoft has outlined a series of steps users should take to protect their machines from attacks that exploit a new zero-day flaw in Visual Studio 2005.
AOL Security Edition 9.0 vulnerable to attack
Attackers could exploit a flaw in AOL Security Edition 9.0 to run malicious code on targeted machines. A fix is available.

Columns (3)

Inside MSRC: Microsoft outlines Internet Explorer flaws
Microsoft's Bill Sisk explains the Internet Explorer critical flaws being addressed in this month's batch of security updates.
Microsoft explains Patch Tuesday
Microsoft's Christopher Budd explains the software vendor's new Update Catalog, a searchable database of all Microsoft security updates, drivers, and service packs. Also a look at this month's updates.
Security Blog Log: The new clearinghouse for flaws
This week's Internet Explorer zero-day warnings illustrated how security vendors are increasingly using the blogosphere to deliver threat alerts to the public.

Tips (1)

Firefox 2.0 vs. Internet Explorer 7
Tired of sifting through articles on IE7 and Firefox 2.0 in an attempt to determine which one best meets your Web browser security needs? In this tip, SearchSecurity.com Web security expert Michael Cobb highlights what has been added and updated to IE7 and Firefox 2.0 respectively, and examines if these new security features will make the Web a safer place.

© 2010 TechTarget ANZ. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. Use of this website constitutes acceptance of the TechTarget ANZ Terms and Conditions and Privacy Policy.

TechTarget ANZ sites: SearchCIO.com.au | SearchNetworking.com.au | SearchSecurity.com.au | SearchStorage.com.au | SearchVoIP.com.au