Browser Security News

Microsoft’s new Internet Explorer 7.0 browser, which was released to the public last week, includes several security improvements but still has weaknesses inherited from IE 6. I’ll show you an easy way to "harden" IE 7 so you’re protected against hacker threats that haven’t even been invented yet.


IE 7 suffers from some IE 6 weaknesses

IE 7 does benefit from some significant updates over IE 6. For example, the so-called Phishing Filter in IE 7 warns you if a page you’re about to visit is in a real-time database of hacked sites. (You must turn on this filter for it to work. Hopefully, most users will do so because IE 7 asks for the filter to be enabled the first time you use the new browser.)

Also, IE 7’s new Protected Mode, which only works in Windows Vista, will prevent Web sites from modifying system files or settings. I described several of these new features in my Executive Tech column on Oct. 24.

Unfortunately, IE 7 still contains some security weaknesses that were present in IE 6 — and which Microsoft still hasn’t fixed in that older browser. The most publicized example since IE 7 went gold is the so-called MHTML hole. This problem allows a hacked site to read information from the window of a different site you’re visiting, such as an online banking service. IE 7 needs tweaking for safety