This afternoon talk by Rob Franco, Lead Program Manager for IE, focussed on why and how security was implemented in IE 7.0.
Compability was a concern – minimize the impact so many sites work right of the bat
Used new Compatability toolkit to demonstrate features
ActiveX becoming more secure – Information bar, blocks the user from using an ActiveX that is already on the system, not just blocking installation. If the user does go ahead download it, then it runs in protected mode on system, as written by IE (into temporary folder and nuetralizing threat). Use browsing history to clean/remove files.
Under XP SP2, new controls run as Admin, however in Vista runs restricted. Common controls, flash, media player, sun jvm are enabled by default.
IE 7.0 has native XMLHTTP object.
Phishing filters – service at urs.microsoft.com used to verify site
IE 7.0 is secure by default, and power users can disable settings very easily.Rob encouraged folks to visit Sandbox and talk to IE Team. Check out IE Blog, Compatibility docs etc.
Mix 06 – IE 7.0 Security
This entry was posted in Uncategorized. Bookmark the <a href="https://sujatad.net/uncategorized/mix-06-ie-7-0-security/" title="Permalink to Mix 06 – IE 7.0 Security" rel="bookmark">permalink</a>.