Microsoft plans on tightening some of its security flaws in
Internet Explorer 7. This news comes as a relief to some of its users who have had plenty to worry about with the recent news of Internet Explorer's security holes.
The browser currently uses the 'four classifications for Web site' settings (Internet, local intranet, trusted and restricted) to determine whether it will
run ActiveX or other controls without letting the user know.
Microsoft engineers Vishu Gupta, Rob Franco and Venkat Kudulur wrote in
Microsoft's IE weblog that Microsoft has been working on improvements to prevent the browser from running malicious code in less restrictive security zones. The change they plan on making "effectively removes the attack surface of the intranet zone for home PC users," they said. They even went ahead and attributed the idea to a summer intern.
The changes will also include the removal of the "Intranet" zone for home users.
Microsoft said that "the Internet zone, where most users browse, will be tightened down with two very notable changes. The Internet zone will run in Protected Mode on Windows Vista."
Gupta also added, "for example, a Trusted Site in IE6 can automatically install signed ActiveX controls on the user's machine. As a safety precaution in IE7, we have set the default for the Trusted Sites zone to Medium, the same level as the Internet zone in IE6."
Hopefully this change will make it easier for some end users to browse the net more securely than before without opening up new security holes.
Find us on Google+
