IE7 for WinXP RTM in Dec 06, new IE every year

[office politics]

http://techrepublic.com.com/5100-1009_11-6078324.html?tag=nl.e036

Check out IE 7's security features

by Michael Mullins CCNA, MCP

ActiveX opt-in--Disables nearly all pre-installed ActiveX controls to prevent potentially vulnerable controls from being exposed to attack. You can easily enable or disable ActiveX controls as needed through the Information Bar and the Add-on Manager.

This was the number one requested feature and the most exploited flaw within older versions of IE. Other non-Microsoft browsers gained widespread usage because they didnÂ’t include this active vector in their browser release.

Phishing filter--Proactively warns and helps protect you against potential or known fraudulent sites and blocks the site if appropriate. The opt-in filter is updated several times per hour using the latest security information from Microsoft and several industry partners.

Phishing is directing unsuspected users to sites that look like their banking web page and harvesting privacy and financial information. Microsoft is trying to build a phishing database and warn users about fraudulent sites before any information is transferred to these criminals.

Cross-Domain barriers--Limits script on web pages from interacting with content from other domains or windows. This enhanced safeguard will further protect against malware by limiting the potential for malicious websites to manipulate flaws in other websites or cause you to download undesired content or software.

Cross-Domain scripting has long been the avenue of choice for all of those drive-by installations and pop-up ads that warn you about how insecure you computer is and click here to fix it. Microsoft has finally addressed this problem.

Delete browsing history--Allows you to clean up cached pages, passwords, form data, cookies, and history, all from a single window.

This feature will allow you to safely use a public (kiosk) computer to check your email or bank balance, then erase all of your privacy information with the click of a button.

Address bar protection--Every window, whether it's a pop-up or standard window, will present an address bar to the user, helping to block malicious sites from emulating trusted sites.

Some web sites script the disappearance of the address bar to hide their true identity so you canÂ’t block their site. By forcing an address bar, users will always know where the web content is be served from and will be able to block that site (advertisers beware!).

Fix my settings--To help protect you from browsing with unsafe settings, Internet Explorer 7 warns you with an Information Bar when current security settings may put you at risk. Within the Internet Control Panel, you will see certain critical items highlighted in red when they are unsafely configured. In addition to alerts warning you about unsafe settings, you will be reminded by the Information Bar as long as the settings remain unsafe. You can instantly reset Internet security settings to the "Medium-High" default level by clicking the "Fix My Settings" option in the Information Bar.

Sometimes users or programs modify their browser security settings. This feature offers a quick method of restoring browser settings to a safe level.

 

[talldude123]

I cant wait til it comes out a full version.

They are trying to fix the bugs, and release the stable version with Vista eventually.

 

[snoopyAU]

i dont' know whether u guys got the same problem but when i use IE7 to surf the web, it's slower than firefox, wat the hec' , i thought it' betta than IE6 which is same speed with firefox i thnk

 

[Osiris]

Recently at the IE Blog, they have posted a suprising yet pretty cool article talking about a customised version of IE7 with Yahoo! branding.

Read below for the entire article;

"We often talk with our partners about all the ways they can take advantage of the extensibility in IE7. Today, Yahoo! released something new and (I think) pretty cool. ?Internet Explorer 7 optimized by Yahoo!? presets the homepage and search to Yahoo properties. Of course, users can easily change the settings just as they can with the standard version that we ship. The Yahoo! version of IE7 is available now on the Yahoo! site.

Yahoo! used the beta version of the Internet Explorer Administration Kit (IEAK) to customize IE7 to meet their needs. The IEAK is available to all developers and partners who want to create their own customized versions of IE7, as well as IT pros who want to use it to ease enterprise deployment. You can download it from the Microsoft Technet site."

http://blogs.msdn.com/ie/archive/2006/06/09/624176.aspx

 

[Osiris]

Security analysts Wednesday warned users of a pair of unpatched bugs in Microsoft's popular Internet Explorer browser that may soon be in play because proof-of-concept code has gone public for both.

One vulnerability lets attackers execute their code remotely if they can dupe users into double-clicking on a file included in a malicious Web page. The Internet Storm Center claimed that the current proof-of-concept exploit code requires this kind of user interaction, but that went on to warn that "we can expect to find creative use of this exploit in the wild very soon." According to the ISC, disabling IE's active scripting capabilities might protect against an exploit of the bug.

The second flaw is due to a failure of IE to enforce cross-domain policies, Symantec said in a warning to customers of its DeepSight threat system. IE, which has been victimized by numerous cross-domain vulnerabilities, could be exploited to hijack usernames and passwords.

http://www.crn.com/sections/breakingnews/breakingnews.jhtml?articleId=189602578&cid=CRNBreakingNews