Security Improvements in Internet Explorer for Windows Vista

Internet Explorer 7 introduces several security improvements to help mitigate attacks when it is used on Windows Vista®. The improvements are as follows:

  • Protected Mode. Security feature that defends against “elevation of privilege” attacks, helping to prevent attackers from hijacking the browser and executing code through the use of administrator rights.
  • Data Execution Prevention (DEP). Security feature that helps prevent damage from viruses and other security threats by monitoring applications that are invoked through Internet Explorer to make sure they use system memory safely.
  • Improvements to secure HTTP (HTTPS). HTTP communication over an encrypted transport mechanism, such as Secure Sockets Layer (SSL) or Transport Layer Security (TLS).

Internet Explorer 7 Protected Mode

Protected Mode in Internet Explorer 7 is a defense-in-depth security feature that takes advantage of three new technologies available in the Windows Vista security model:

  • User Account Control (UAC). Implements the principle of least privilege whereby all users on a computer run as a standard user. When a task requires more privileges than a standard user, the user is prompted with an elevation request that will temporarily elevate the user's rights to perform this task if the user's account has the necessary credentials.
  • Mandatory Integrity Control (MIC). A model in which data can be configured to prevent lower-integrity applications from accessing it. The primary integrity levels are Low, Medium, High, and System. Each process is assigned an integrity level in its access token. Securable objects such as files and registry keys have a new mandatory access control entry (ACE) in the system access control list (SACL).
  • User Interface Privilege Isolation (UIPI). Blocks lower-integrity processes from accessing higher-integrity processes.

Leveraging UAC, UIPI, and MIC, Internet Explorer 7 Protected Mode runs all Internet Explorer processes with reduced rights, even if the logged-on user is a member of the local Administrators group. Because of the reduced rights, ActiveX controls and toolbars will trigger a UAC elevation prompt, which helps to mitigate malicious software that installs through the browser without any user action.
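The integrity check that MIC performs can be modeled from the mandatory label ACE itself. The following is an added example, not code from the original page or from Microsoft: it parses the label ACE out of an SDDL string and decides whether a caller at a given integrity level passes the check. The SDDL strings are constructed, the function names are hypothetical, and the DACL check that Windows performs afterwards is not modeled.

```python
import re

# Integrity levels named on the page: SDDL SID alias -> (name, RID).
LEVELS = {"LW": ("Low", 0x1000), "ME": ("Medium", 0x2000),
          "HI": ("High", 0x3000), "SI": ("System", 0x4000)}
# Policy tokens in the label ACE -> access type denied to lower-integrity callers.
POLICY = {"NW": "write", "NR": "read", "NX": "execute"}
# An object with no label ACE is treated as Medium with No-Write-Up.
DEFAULT_LABEL = ("ME", frozenset({"write"}))
# (ML;flags;policy;;;level) is the mandatory label ACE in the SACL ("S:") part.
LABEL_ACE = re.compile(r"\(ML;([^;]*);([^;]*);;;([^;)]+)\)")

# Constructed SDDL strings (not taken from a real system).
LOW_FOLDER = "O:BAG:BAD:(A;;FA;;;BA)S:(ML;OICI;NW;;;LW)"
UNLABELED = "O:BAG:BAD:(A;;FA;;;BA)"
HIGH_NO_READ = "O:BAG:BAD:(A;;FA;;;BA)S:(ML;;NWNR;;;HI)"


def parse_mandatory_label(sddl):
    """Return (level_alias, set of access types blocked from below)."""
    match = LABEL_ACE.search(sddl)
    if match is None:
        return DEFAULT_LABEL
    policy, level = match.group(2), match.group(3)
    tokens = [policy[i:i + 2] for i in range(0, len(policy), 2)]
    if level not in LEVELS or any(t not in POLICY for t in tokens):
        raise ValueError("unsupported mandatory label: " + match.group(0))
    return level, frozenset(POLICY[t] for t in tokens)


def mic_allows(process_level, sddl, access):
    """Integrity check only; the DACL check that follows it is not modeled."""
    object_level, blocked = parse_mandatory_label(sddl)
    if LEVELS[process_level][1] >= LEVELS[object_level][1]:
        return True  # caller is at or above the object's level
    return access not in blocked


if __name__ == "__main__":
    for name, sddl in [("low folder", LOW_FOLDER), ("unlabeled", UNLABELED),
                       ("high, no-read-up", HIGH_NO_READ)]:
        for access in ("read", "write"):
            verdict = "allow" if mic_allows("LW", sddl, access) else "deny"
            print(f"Low process, {access:5} on {name}: {verdict}")
```

A Low-integrity process, which is how Protected Mode runs the browser, passes the write check only on objects explicitly labeled Low; unlabeled objects default to Medium and reject its writes.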

Important

Internet Explorer 7 Protected Mode is enabled by default on all Internet Explorer security zones except for Trusted Sites.

Data Execution Prevention

With Internet Explorer 7, Data Execution Prevention (DEP) can be enabled on the Advanced tab of the Internet Options dialog box. DEP helps to protect the computer by not allowing code to run in an area of memory that has been designated for data. DEP helps to mitigate buffer overflow attacks.

DEP is turned off by default in Internet Explorer because of compatibility issues. Before enabling DEP in Internet Explorer 7 in your organization, test all of your applications to make sure that they are compatible.

Improvements to Secure HTTP (HTTPS)

HTTPS uses encryption to help protect your Internet traffic from snooping or tampering by others on the network. HTTPS uses either the Secure Sockets Layer (SSL) or the Transport Layer Security (TLS) protocols to protect data.

To improve security and add new functionality, changes have been made to the HTTPS implementation in Internet Explorer 7. New protocol defaults in Internet Explorer 7 reduce the likelihood of someone taking advantage of configuration or protocol weaknesses to intercept or modify Web traffic that uses the HTTPS protocol.

These changes include:

  • Both 40-bit and 56-bit encryption ciphers are disabled by default.
  • The TLS implementation in Internet Explorer 7 has been updated to support extensions described in RFC 3546.
  • Internet Explorer 7 supports Advanced Encryption Standard (AES) key lengths of up to 256 bits.
  • Certificate revocation checking is enabled by default in Windows Vista. You can improve the performance of certificate revocation checking in Windows Vista by using Online Certificate Status Protocol (OCSP).