14 DAY TRIAL // The generalized public perception seems to be that Internet Explorer 8 is not the best choice for security-concerned users, and that rival browsers do a better job at keeping users safe while online. Still, one security expert is running Internet Explorer 8, and notes that she sees no reason to jump to Firefox or to Chrome. In an interview for Microsoft’s TechNet Edge, Paula Januszkiewicz reveals that she opted for IE8 over rival browsers because of Protect Mode.
Watch the video embedded at the bottom to hear what Januszkiewicz has to say (jump to the second half if you’re interested only in the details related to browser security). The second video embedded below is a the “Useful Hacker Techniques: Which Part of Hackers' Knowledge Will Help You in Efficient IT Administration?” talk that Januszkiewicz gave at TechEd.
I personally am running IE8 with Protected Mode turned on and User Account Control enabled by default on top of Windows 7, and wouldn’t have it any other way. Introduced in Windows Vista and perfected in Windows 7, Protect Mode for IE8 makes the browser run with restricted privileges, even from administrator accounts. While Protected Mode in concert with UAC are on, attacks cannot write, alter or destroy data the machine or compromise the PC with malicious code, even if IE8 itself is bypassed.
This is possible because of the mitigations introduced in platforms such as Vista and Windows 7, including:
“•User Account Control (UAC) makes it easy to run without Administrator privileges. When users run programs with limited user privileges, they are safer from attack than when they run with Administrator privileges because Windows can restrict the malicious code from carrying out damaging actions.
•Integrity mechanism restrict write access to securable objects by lower integrity processes, much the same way that user account group membership restricts the rights of users to access sensitive system components.
•User Interface Privilege Isolation (UIPI) prevents processes from sending selected window messages and other USER APIs to processes running with higher integrity.”
Internet Explorer 8 (IE8) RTW is available for download here (for 32-bit and 64-bit flavors of Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008).
Internet Explorer 9 (IE9) Platform Preview 3 is available for download here.