Slashdot Mirror


Zone-Spoofing Fixed for IE 7 Home Users

BeanBunny writes "The IE 7 dev team has essentially removed the intranet zone for Home users, resulting in a Web browser that is effectively invulnerable to a zone-spoofing attack. This security feature does not exist, however, on any installation that is part of a managed network. It also does not exist if you manually change the permissions on your Internet zone. However, in Windows Vista, both zones will be run in a 'protected mode,' something that allegedly prevents the invisible installation of code."
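
An added example, not part of the submission or of IE: a Python sketch of the zone mapping the summary is about. IE's intranet heuristic treats a dotless hostname as an intranet server, and a Local intranet classification comes with looser defaults than the Internet zone, which is what a zone-spoofing attack is after. IE7's home-user configuration turns that heuristic off, so anything not on an explicit site list lands in the Internet zone. The site lists, the per-zone levels and the order in which the lists are consulted are constructed for illustration.

```python
"""Zone classification sketch for the intranet-zone change in the summary above.

Constructed example: the site lists and per-zone levels are illustrative, and
classify() is a reduction of IE's mapping to the two rules that matter here.
"""
from urllib.parse import urlsplit

INTERNET = "Internet"
INTRANET = "Local intranet"
TRUSTED = "Trusted sites"
RESTRICTED = "Restricted sites"

# Constructed stand-ins for the per-zone "Sites" lists a user or admin maintains.
ZONE_LISTS = {
    RESTRICTED: {"evil.example.net"},
    TRUSTED: {"update.example.com"},
    INTRANET: {"portal.corp.example"},
}

# Illustrative per-zone templates. The point of zone spoofing is that Local
# intranet is looser than Internet, so landing there buys extra permissions.
SECURITY_LEVEL = {
    INTERNET: "medium-high",
    INTRANET: "medium-low",
    TRUSTED: "medium",
    RESTRICTED: "high",
}


def classify(url: str, detect_intranet: bool) -> str:
    """Map a URL to a zone.

    detect_intranet=True models a managed (domain-joined) machine, where IE's
    heuristic treats any dotless hostname as an intranet server.  False models
    the IE7 home-user configuration: the heuristic is off, so a host that is
    not on an explicit list falls into the Internet zone.  Checking the
    explicit lists in this order is a constructed choice.
    """
    host = (urlsplit(url).hostname or "").lower()
    for zone in (RESTRICTED, TRUSTED, INTRANET):
        if host in ZONE_LISTS[zone]:
            return zone
    if detect_intranet and host and "." not in host:
        # "fileserver" has no dot, but neither does "2130706433", a decimal
        # spelling of an IP address: the attacker only needs the string to
        # satisfy the heuristic, not to be an intranet machine.
        return INTRANET
    return INTERNET


def spoof_report(url: str) -> dict:
    """Zone and template a URL receives under each configuration."""
    managed = classify(url, detect_intranet=True)
    home = classify(url, detect_intranet=False)
    return {
        "managed": managed, "managed_level": SECURITY_LEVEL[managed],
        "home": home, "home_level": SECURITY_LEVEL[home],
    }


if __name__ == "__main__":
    for u in ("http://2130706433/", "http://fileserver/", "http://www.example.com/"):
        print(u, spoof_report(u))
```

Run it and the dotless URL is Local intranet on the managed profile and Internet on the home profile, while an explicitly listed intranet site stays Local intranet on both; that is the whole effect the summary describes, and also why the change does not help a machine whose admin has populated the intranet list.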

4 of 115 comments

  1. Protected Mode by BobPaul · Score: 2, Informative

    Protected mode sounds kind of like the security wrappers Firefox Deer Park places around extensions.

  2. Re:So . . . by cytoman · Score: 1, Informative

    You do realize that businesses which run the Windows operating system usually have a systems admin who takes care of locking down the computers and preventing unauthorized attacks, etc. So, the problem has always been for home users who manage their own systems, and are easily fooled into the many frauds/spoofs/phishing attacks. Good that this is being taken care of in IE7.

  3. Interesting Security Moves with IE7/Vista by ThinkFr33ly · Score: 2, Informative

    IE 7 on Vista will run in a sandbox that isn't really like anything out there today. (That I know of, anyway.) Even if you're an admin user, IE 7 is contained in such a way that it is not able to access anything outside of its sandbox without explicit permission.

    This helps even when non-admins are running IE 7 because it doesn't just prevent system changes (like adding a program to the startup folder), it also prevents changes to anything outside of the sandbox... including files that the non-admin user has full access to.

    They accomplish this by using the concept of a broker which IE 7 has to ask to do pretty much anything to the local system, independent of the privileges of the user running the browser. Want to save a file to your desktop? IE 7 must first ask the broker for permission. When the broker gets this request it then asks the user using a dialog. If the user approves, the broker then gets the appropriate information from IE 7 and saves the file for IE 7. At no point does the IE 7 process have access to the desktop or any of the users files.

    The net effect is isolating all dangerous code in the broker, which is far simpler and easier to audit and debug than IE 7, thereby decreasing the attack surface dramatically.

    For a detailed description of all this, check out the channel 9 video about it.
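
An added example, not from the comment above or from Microsoft's code: a Python model of the broker design ThinkFr33ly describes. Vista's Protected Mode gets its containment from Mandatory Integrity Control: the browser runs at Low integrity, the user's own files carry the Medium label, and the kernel's no-write-up rule denies the write regardless of what the DACL grants, which is the "including files that the non-admin user has full access to" point. The broker is a separate Medium-integrity process exposing one narrow operation. The paths, the user, the broker executable name (`broker.exe`), the allowed-directory check and the "save file" operation are constructed for illustration.

```python
"""Model of the broker-mediated sandbox described in the comment above.

Constructed example: the paths, user, broker executable name and the single
'save file' operation are invented for illustration.  The integrity values and
the no-write-up rule are those of Vista's Mandatory Integrity Control, which is
what Protected Mode uses: the browser runs at Low, user data is Medium.
"""
from dataclasses import dataclass

# Integrity levels: the RID of the S-1-16-<rid> label SID.
LOW, MEDIUM, HIGH = 0x1000, 0x2000, 0x3000


@dataclass
class SecurableObject:
    path: str
    integrity: int
    writers: frozenset  # stand-in for the DACL: users granted write access


@dataclass
class Process:
    name: str
    user: str
    integrity: int


def can_write(proc: Process, obj: SecurableObject) -> bool:
    """DACL grant AND no-write-up: proc.integrity must reach obj.integrity.

    The second test is what contains the browser: a LOW process cannot write a
    MEDIUM file even when the DACL gives its user full control.
    """
    return proc.user in obj.writers and proc.integrity >= obj.integrity


class Filesystem:
    """Toy object store that applies can_write to every write."""

    def __init__(self, objects):
        self.objects = {o.path: o for o in objects}
        self.contents = {}

    def write(self, proc: Process, path: str, data: bytes) -> None:
        if not can_write(proc, self.objects[path]):
            raise PermissionError(f"{proc.name} at {proc.integrity:#x} may not write {path}")
        self.contents[path] = data


class Broker:
    """MEDIUM-integrity helper that writes on behalf of the LOW browser.

    One narrow operation; attacker-controlled arguments are validated before
    any dialog is shown; the write happens under the broker's own token.
    """

    def __init__(self, fs: Filesystem, allowed_dir: str, ask_user):
        self.proc = Process("broker.exe", "alice", MEDIUM)  # hypothetical name
        self.fs, self.allowed_dir, self.ask_user = fs, allowed_dir, ask_user
        self.prompts = []  # each dialog shown to the user

    def request_save(self, requester: Process, path: str, data: bytes) -> str:
        if requester.integrity > LOW:
            return "denied: caller is not sandboxed"
        if ".." in path or not path.lower().startswith(self.allowed_dir.lower() + "\\"):
            return "denied: outside the allowed save location"
        self.prompts.append(path)
        if not self.ask_user(f"Save {path}?"):
            return "denied: user declined"
        self.fs.write(self.proc, path, data)
        return "saved"


DESKTOP = r"C:\Users\alice\Desktop"
STARTUP = r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
LOWDIR = r"C:\Users\alice\AppData\LocalLow"


def run_scenario(user_approves: bool = True) -> dict:
    """Direct writes from the sandboxed browser versus writes via the broker."""
    fs = Filesystem([
        SecurableObject(DESKTOP + r"\report.txt", MEDIUM, frozenset({"alice"})),
        SecurableObject(STARTUP + r"\run.exe", MEDIUM, frozenset({"alice"})),
        SecurableObject(LOWDIR + r"\cache.dat", LOW, frozenset({"alice"})),
    ])
    ie = Process("iexplore.exe", "alice", LOW)
    broker = Broker(fs, DESKTOP, ask_user=lambda prompt: user_approves)

    def direct(path: str) -> str:
        try:
            fs.write(ie, path, b"x")
            return "written"
        except PermissionError:
            return "blocked"

    return {
        "direct_desktop": direct(DESKTOP + r"\report.txt"),  # DACL ok, MIC blocks
        "direct_startup": direct(STARTUP + r"\run.exe"),
        "direct_lowdir": direct(LOWDIR + r"\cache.dat"),  # the browser's own area
        "broker_desktop": broker.request_save(ie, DESKTOP + r"\report.txt", b"report"),
        "broker_startup": broker.request_save(ie, STARTUP + r"\run.exe", b"MZ"),
        "broker_escape": broker.request_save(ie, DESKTOP + r"\..\run.exe", b"MZ"),
        "prompts": len(broker.prompts),
    }


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key:15} {value}")
```

Two things the model makes visible that the comment states in prose: the browser can still write its own Low-labelled scratch area without any dialog, and the broker rejects a request for the Startup folder or a `..` path before the user is ever prompted, so the user only sees dialogs for the one operation the broker was written to support. The broker's small surface, not the browser's, is what has to be right.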

  4. Re:Sadly, the slashdot crowd WANTS IE to be insecu by freeweed · Score: 3, Informative

    the last major security outbreak happened back in 2003

    Hahahahahahahaha (x1000)

    The last catastrophic, taking-down-millions-of-systems, DoSing-the-Internet, making-headlines-all-over-the-world-for-days-afterwards outbreak happened in 2003.

    Several major outbreaks have happened this year, Zobot for one. The only thing that saved the day was the uptake in XP installs; otherwise, we would have had another Code Red on our hands.

    Incremental improvement. A good thing for Microsoft, a good thing for average users, a good thing for the internet, yes. But "slowly but surely, you're losing your security argument"? Call me when a million Linux webservers get infected. Call me when desktop Linux starts spreading automatically executed worm code.

    Most importantly, call me when Linux sees as many viruses and/or outbreaks as its marketshare would imply. Not the almost nonexistent numbers we see today. That always seems to be the argument, that it's a marketshare thing. So just keep in touch, and let me know when 5% (or whatever Linux is at) of viruses/worms/spyware is targeted at, and infecting, Linux. Then you might actually have a point.

    --
    Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.