Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » Security   (RSS)

Updates for AJAX in IE8 Beta 2

Sunava Dutta here, a program manager focused on improving AJAX in the browser! Now that Internet Explorer 8 Beta 2 is out, I want to write about some of the latest rounds of enhancements we’ve made. As many of you may recall, back in March we discussed
Posted by ieblog | 49 Comments
Filed under: ,

Statistical Validation of the IE8 XSS Filter

Greetings, I’m Russ McRee of Microsoft’s Online Services Security & Compliance Incident Management team. My team serves as incident handlers for the various types of attacks our online services face. High on the list of incidents we handle are cross-site
Posted by ieblog | 9 Comments
Filed under:

IE8 Security Part VI: Beta 2 Update

Now that Beta 2 has released, I want to provide a short update on some of the smaller security changes the team has recently made. I’ve also linked to a great article on the IE8 XSS Filter implementation written by the architect of that feature. Restricting
Posted by ieblog | 63 Comments
Filed under: ,

Trustworthy Browsing with IE8: Summary

Back in June, Dean Hachamovitch kicked off a series of blog posts explaining how the IE team approached the task of building a trustworthy browser. Trustworthiness is the foundation of Internet Explorer 8, and we’ve worked hard to deliver a product with

IE8 and Privacy

As others have written here before, users should be in control of their information. That’s at the core of privacy. Privacy has two aspects: disclosure and choice. Disclosure means informing users in plain language about the data collected about them

Privacy Beyond Blocking Cookies: Bringing Awareness to Third-Party Content

Previous posts have covered trustworthy principles in general and some product specifics as well. Privacy is an important part of trustworthy computing. This post discusses one aspect of privacy on the web: third-party content. When most people browse

IE August Security Update Now Available

The IE Cumulative Security Update for August 2008 is now available via Windows Update . Alternatively, you can receive this and all other Microsoft updates via the new Microsoft Update . I encourage you to upgrade to Microsoft Update if you haven’t already
Posted by ieblog | 66 Comments
Filed under:

IE8 Security Part V: Comprehensive Protection

Hi! I’m Eric Lawrence, Security Program Manager for Internet Explorer. Last Tuesday, Dean wrote about our principles for delivering a trustworthy browser ; today, I’m excited to share with you details on the significant investments we’ve made in Security
Posted by ieblog | 119 Comments
Filed under:

IE8 Security Part IV: The XSS Filter

Hi, I'm David Ross, Security Software Engineer on the SWI team. I’m proud to be doing this guest post on the IE blog today to show off some of the collaborative work SWI is doing with the Internet Explorer team. Today we are releasing some details on
Posted by ieblog | 39 Comments
Filed under:

IE8 Security Part III: SmartScreen® Filter

As someone whose email address is posted in thousands of forum posts, newsgroup discussions, and blogs, I get a lot of spam. Of the spam I receive, a significant number of messages represent phishing attacks . Most of these lures aren’t very clever or
Posted by ieblog | 31 Comments
Filed under:

IE8 and Trustworthy Browsing

This blog post frames our approach in IE8 for delivering trustworthy browsing. The topic is complicated enough that some context and even history (before we go into any particular feature) is important, and so some readers may find this post a bit basic
Posted by ieblog | 76 Comments

IE8 Beta 1 June Security Update Now Available on Windows Update

Today we released the IE June Cumulative Security Update for Internet Explorer 8 Beta 1 for Developers on Windows Update . For detailed information on the contents of this update, please see the following documentation: IE Blog Post: IE June Security
Posted by ieblog | 8 Comments
Filed under:

Securing Cross Site XMLHttpRequest

As I mentioned in my post on Cross Document Messaging , client side cross domain request is an important area of interest for AJAX developers looking for ways to avoid expensive server side proxying calls. While Cross Document Messaging is useful for

IE June Security Update Now Available

The IE Cumulative Security Update for June 2008 is now available via Windows Update . Alternatively, you can receive this and all other Microsoft updates via the new Microsoft Update . I encourage you to upgrade to Microsoft Update if you haven’t already
Posted by ieblog | 27 Comments

ECMAScript Security

Related to the IE Blog post around mashups in Internet Explorer 8, the Jscript team has a great post on ECMAScript, Security and Mashups over on their blog. Check it out! Kristen Kibble IE Program Manger
Posted by ieblog | 23 Comments
Filed under: ,
More Posts Next page »
 
Page view tracker