Browse by Tags

IEBlog

Windows Internet Explorer Engineering Team Blog
  • Blog Post: Enhanced Protection with IE9’s SmartScreen Filter

    A new research report from independent information-security research and testing organization NSS Labs shows that Internet Explorer 9 Beta protects the user from 99% of socially-engineered malware downloads. According to NSS Labs, “ With a unique URL blocking score of 94% and over-time protection rating...
  • Blog Post: MIME-Handling Changes in Internet Explorer

    Each type of file delivered from a web server has an associated MIME type (also called a “content-type”) that describes the nature of the content (e.g. image, text, application, etc). Back in Internet Explorer 8, we made a few changes to IE’s MIME-sniffing feature that attempts to determine the actual...
  • Blog Post: “Stranger Danger” - Introducing SmartScreen® Application Reputation

    When we released the IE9 beta about a month ago we talked about the importance of trust and confidence when working with downloads. Today, we are enabling the SmartScreen application reputation service to improve download protection for IE9 beta users. This feature works together with the SmartScreen...
  • Blog Post: The IE Cumulative Security Update for October 2010 is now available via Windows Update

    The IE Cumulative Security Update for October 2010 is now available via Windows Update . This security update resolves seven privately reported vulnerabilities and three publicly disclosed vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user...
  • Blog Post: IE August Cumulative Security Update Now Available

    The IE Cumulative Security Update for August 2010 is now available via Windows Update . This security update resolves six privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet...
  • Blog Post: Rely on Declarative Security Features in the Browser

    Cutting edge web applications push the boundaries of the web development model. In the security space, this raises an interesting question – who owns security for a web application built on a complex platform hierarchy? Is it the application at the top of the stack, the intermediate platform component...
  • Blog Post: IE June Security Update Now Available

    The IE Cumulative Security Update for June 2010 is now available via Windows Update . This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views...
  • Blog Post: Privacy, Add-ons, and Cookie-less HTTP Requests

    A recent article incorrectly suggested that Internet Explorer add-ons must send and store cookies when making HTTP requests. That’s simply not true-- Internet Explorer APIs enable add-ons to respect the user’s privacy and not leak information. Existing APIs are available to add-ons running...
  • Blog Post: IE8 SmartScreen Filter - Protecting Users at Internet Scale

    The RSA 2010 Security Conference is just finishing up here in San Francisco, and I’m struck by how many of the conference sessions and keynotes have warned about the threat that socially engineered malware poses to the security of the Internet. Malware has become the scourge of the Internet, and it’s...
  • Blog Post: IE Cumulative Security Update Now Available

    Today we released a Cumulative Security Update for Internet Explorer. We’ve released this Cumulative Security Update earlier than originally scheduled based on malicious activities reported on the web. The update is available via Windows Update and Microsoft Update. Most users configure their machines...
  • Blog Post: IE December Security Update Now Available

    The IE Cumulative Security Update for December 2009 is now available via Windows Update or Microsoft Update . This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The security update addresses these vulnerabilities by...
  • Blog Post: IE8 SmartScreen in action

    Last week at PDC, as we were about to start talking to people about IE9, I saw the following notification from my Facebook account: From: Facebook [mailto:notification+mwm5axbx@facebookmail.com] Sent: Tuesday, November 17, 2009 10:05 AM Dina posted something on your Wall and wrote: "funny...
  • Blog Post: IE October 2009 Security Update Now Available

    The IE Cumulative Security Update for October 2009 is now available via Windows Update or Microsoft Update . This update addresses three privately reported vulnerabilities and one publicly disclosed vulnerability. The security update addresses these vulnerabilities by modifying the way that Internet...
  • Blog Post: Real-World Protection With IE8’s SmartScreen Filter™

    Back in March, I posted a note to the IEBlog when the pre-release version of IE8’s SmartScreen Filter had delivered its 10 millionth malware block. Today, I’m happy to report that IE8’s SmartScreen Filter has delivered more than 70 million blocks in the first four months since IE8’s official release...
  • Blog Post: Internet Explorer July Out-of-Band Cumulative Security Update

    Internet Explorer is releasing an out-of-band update available via Windows Update . Alternatively, you can receive this and all other Microsoft updates via the new Microsoft Update . I encourage you to upgrade to Microsoft Update if you haven’t already to ensure that you receive the latest updates for...
  • Blog Post: Internet Explorer’s ActiveX Security Mitigations in Use

    Background As a part of the July security bulletin , Microsoft yesterday released an update to mitigate a vulnerability in the “Microsoft Video” ActiveX control. This control contained a stack-based buffer overflow which could be exploited by a malicious web page. If you haven’t yet done so, please...
  • Blog Post: Declaring Security

    Recently, a number of people have asked me what I think about Mozilla’s Content Security Policy draft spec. Back in January, I went on record as being someone who thinks that CSP is a good idea. CSP is a mechanism for declarative security , whereby a site communicates its intent and leaves it up to...
  • Blog Post: IE June Security Update Now Available

    The IE Cumulative Security Update for June 2009 is now available via Windows Update or Microsoft Update . This update addresses seven privately reported vulnerabilities and one publicly disclosed vulnerability. The security update addresses these vulnerabilities by modifying the way that Internet...
  • Blog Post: Security Intelligence Report Volume 6

    The sixth edition of the Security Intelligence Report (SIR), Microsoft’s semi-annual report on the state of computer security was published on April 8, 2009. Using data derived from hundreds of millions of computers worldwide and some of the busiest online services on the Internet, this report provides...
  • Blog Post: IE April Security Update Now Available

    The IE Cumulative Security Update for April 2009 is now available via Windows Update or Microsoft Update . This update addresses four privately reported vulnerabilities and two publicly disclosed vulnerabilities. The security update addresses these vulnerabilities by modifying the way that Internet...
  • Blog Post: IE8 Security Part IX - Anti-Malware protection with IE8’s SmartScreen Filter

    Over the last year, we’ve published two posts about how the IE8 SmartScreen ® filter helps to prevent phishing and malware attacks. In this post, I’d like to share some real-world data on the protection provided to IE8 pre-release users by the anti-malware feature. We’ve invested...
  • Blog Post: IE February Security Update Now Available

    The IE Cumulative Security Update for February 2009 is now available via Windows Update . Alternatively, you can receive this and all other Microsoft updates via the Microsoft Update . I encourage you to upgrade to Microsoft Update if you haven’t already to ensure that you receive the latest updates...
  • Blog Post: IE8 Security Part VIII: SmartScreen Filter Release Candidate Update

    Hello, I'm Alex Glover and I'm the test owner of the SmartScreen Filter in Internet Explorer 8. The SmartScreen Filter helps protect IE8 users against phishing scams and sites distributing malware . In a previous post , Eric described the SmartScreen features and improvements over the Phishing Filter...
  • Blog Post: Suggested Sites & Privacy

    The IE8 feature Suggested Sites helps you discover related sites that can be helpful to get more information about your interests. Under the hood, Suggested Sites is a system that provides suggestions by using a collection of users’ visited sites. You may be wondering how Suggested Sites works with the...
  • Blog Post: Birth of a Security Feature: ClickJacking Defense

    Hi, my name is Kymberlee Price, and I recently joined the Internet Explorer team as a Security Program Manager for IE8, working with Eric Lawrence. Prior to this I spent five years in Microsoft's Security Engineering & Communications team (MSEC) where I founded the Security Researcher Community Outreach...
Page 3 of 7 (163 items) 12345»