Low-Rights IE Only for Longhorn Users
Rob Franco, Lead Program Manager for Internet Explorer Security at Microsoft posted a missive to the IEBlog hoping to dissolve the confusion surrounding a planned security future that will be found in IE7. IE7 will run in a reduced privilege mode called "Low-Rights IE" that will limit the actions of malware.
But the safeguard will not be available to everyone - only users that upgrade to Longhorn will be protected. And even Longhorn users may be vulnerable at another well known exposure point: Microsoft will not modify the default security settings for ActiveX and scripting, which account for a large number of known vulnerabilities.
Microsoft has programmed Longhorn to make it possible for users to have normal Windows sessions while having reduced user account privileges - making the browser safer to use than when it ran with full administrative privileges.
Longhorn's predecessor, Windows XP, does not have this capability and cannot offer users the protection of Low-Rights IE. Users that do not upgrade to Longhorn will remain vulnerable to malware that can hijack default settings, modify system files and install malicious software.
"It's great to see Microsoft reducing the security footprint of future versions of IE. Reducing the privileges required to run IE should seriously reduce the amount of damage that occurs when browsing, and should reduce the amount of spyware and other nastiness that can infect users' machines via the browser," Andrew Jaquith a Senior Analyst with Yankee Group, told BetaNews.
"That said, Microsoft isn't going far enough. Microsoft should do two more things," said Jaquith. "First, Microsoft should declare victory and retire ActiveX in favor of .NET- only technologies---things that run in their Common Language Runtime sandbox rather than as native code. Native code will always be prone to buffer overflows and other types of attacks. For now, it's best to simply turn off ActiveX or run another browser that doesn't support it (like Firefox)."
Microsoft has stated that one of its goals is to maintain compatibility among sites and with add-ons that use ActiveX while attempting to be as secure as possible.
Jaquith also had words about Microsoft's decision not to port Low-Rights IE to Windows XP. "Second, the 'more secure' IE should be offered to Windows XP users too - why leave them out in the cold?"
In the IEBlog, Franco reminded user that even Low-rights IE does not protect them from downloading and installing malware - it just reduces the damage that can be done. It is still possible that a user may grant malware administrative privileges.
A beta of IE7 is expected to be released June 30. Windows XP Service Pack 2 is a requirement for the beta; as previously reported, there will be no IE7 distribution for Windows 2000.
Rob Franco, Lead Program Manager for Internet Explorer Security at Microsoft posted a missive to the IEBlog hoping to dissolve the confusion surrounding a planned security future that will be found in IE7. IE7 will run in a reduced privilege mode called "Low-Rights IE" that will limit the actions of malware.
But the safeguard will not be available to everyone - only users that upgrade to Longhorn will be protected. And even Longhorn users may be vulnerable at another well known exposure point: Microsoft will not modify the default security settings for ActiveX and scripting, which account for a large number of known vulnerabilities.
Microsoft has programmed Longhorn to make it possible for users to have normal Windows sessions while having reduced user account privileges - making the browser safer to use than when it ran with full administrative privileges.
Longhorn's predecessor, Windows XP, does not have this capability and cannot offer users the protection of Low-Rights IE. Users that do not upgrade to Longhorn will remain vulnerable to malware that can hijack default settings, modify system files and install malicious software.
"It's great to see Microsoft reducing the security footprint of future versions of IE. Reducing the privileges required to run IE should seriously reduce the amount of damage that occurs when browsing, and should reduce the amount of spyware and other nastiness that can infect users' machines via the browser," Andrew Jaquith a Senior Analyst with Yankee Group, told BetaNews.
"That said, Microsoft isn't going far enough. Microsoft should do two more things," said Jaquith. "First, Microsoft should declare victory and retire ActiveX in favor of .NET- only technologies---things that run in their Common Language Runtime sandbox rather than as native code. Native code will always be prone to buffer overflows and other types of attacks. For now, it's best to simply turn off ActiveX or run another browser that doesn't support it (like Firefox)."
Microsoft has stated that one of its goals is to maintain compatibility among sites and with add-ons that use ActiveX while attempting to be as secure as possible.
Jaquith also had words about Microsoft's decision not to port Low-Rights IE to Windows XP. "Second, the 'more secure' IE should be offered to Windows XP users too - why leave them out in the cold?"
In the IEBlog, Franco reminded user that even Low-rights IE does not protect them from downloading and installing malware - it just reduces the damage that can be done. It is still possible that a user may grant malware administrative privileges.
A beta of IE7 is expected to be released June 30. Windows XP Service Pack 2 is a requirement for the beta; as previously reported, there will be no IE7 distribution for Windows 2000.
