Applies To:
Venafi Trust Protection Platform 14.1
Summary:
Internet Explorer 10 or greater is the required IE version for version 14.1. This is done both for the feature set in IE10 and also for its additional security capabilities. Firefox 10 is also a supported browser for version 14.1.
Protection from socially-engineered attacks
By imitating or compromising trusted web sites, malware authors try to trick users into sharing personal information or downloading and executing malicious software. To help protect users from these socially-engineered attacks, Microsoft uses a combination of URL filtering and application reputation. SmartScreen URL filtering and Application Reputation provides the best protection available against malware attacks.
Protection from attacks on web sites
Even “good” web sites can sometimes have security vulnerabilities that can allow malicious sites to steal your data or perform actions as if they were you. Internet Explorer helps protect you with the XSS Filter, which automatically prevents certain types of attacks and makes it easier for Web sites to secure themselves with Declarative Security features, like IE10’s support for the HTML5 Sandbox.
Protection against attacks on the browser or operating system
Automatic updating ensures that you have the latest updates installed. This protects you against security issues that have already been fixed. Internet Explorer 9 added significant memory protection features to make it harder to exploit certain types of vulnerabilities, which were enhanced in IE10. We also added a new layer of protection in IE10 called Enhanced Protected Mode.
More Information:
What operating systems does Internet Explorer 10 run on?
Internet Explorer 10 is supported on the following operating systems and platforms:
- Windows 8
- Windows Server 2012
- Windows 7 SP1
- Windows Server 2008 R2 with SP1
Which security features are new or improved in Internet Explorer 10?
Internet Explorer 10 supports enhanced memory protection and the HTML5 sandbox attribute, as well as Enhanced Protected Mode.
The HTML5 sandbox attribute enables security restrictions for iframe elements that contain untrusted content. These restrictions enhance security by preventing untrusted content from performing potentially malicious actions. For more information, see HTML5 sandbox attribute on the Internet Explorer Developer Center.
Enhanced Protected Mode provides additional security. It's enabled by default in Internet Explorer, and can be enabled for Internet Explorer for the desktop through Group Policy and Internet Options on the Tools menu.
What privacy features are new or improved in Internet Explorer 10?
The privacy features in Internet Explorer 9 persist in Internet Explorer 10, including Tracking Protection functionality, which helps protect users from being tracked online or when using the InPrivate browsing mode.
What improvements does Internet Explorer 10 provide in supporting modern web standards such as HTML5?
- HTML5 (Asynchronous script execution, AppCache API, channel messaging, drag-and-drop APIs, history, parsing, Sandbox, Spellcheck, video, Web Workers, WebSockets).
- Cascading Style Sheets, Level 3 (Advanced Layout, Visual Effects, Panning and Zooming, Removal of Style Sheet limits).
- Document Object Model (advanced hit-testing APIs, media query listeners, XMLHttpRequest enhancements, and pointer and gesture events).
- Indexed Database API.
- Scalable Vector Graphics (SVG, filters).
Does Internet Explorer 10 add any new Group Policy settings?
Internet Explorer 10 includes the nearly 1,500 Group Policy settings from Internet Explorer 9 that IT pros can use to manage and control the web browser configuration. It also provides new Group Policy settings to support its new features. These include:
- Do not allow ActiveX controls to run in Protected Mode when Enhanced Protected Mode is enabled
- Turn on Enhanced Protected Mode
- Allow websites to store application caches on client computers
- Allow websites to store indexed databases on client computers
- Set application cache storage limits for individual domains
- Set application caches expiration time limit for individual domains
- Set default storage limits for websites
- Set indexed database storage limits for individual domains
- Set maximum application cache individual resource size
- Set maximum application caches storage limit for all domains
- Set maximum indexed database storage limit for all domains
- Start Internet Explorer with tabs from last browsing session
- Turn off URL Suggestions
- Open Internet Explorer tiles on the desktop
- Set how links are opened in Internet Explorer
- Set the maximum number of WebSocket connections per server
- Turn off the WebSocket Object
- Do not display the reveal password button
- Install new versions of Internet Explorer automatically
- Enable dragging of content from different domains across windows
- Enable dragging of content from different domains within a window
- Always send Do Not Track header
- Notify users if Internet Explorer is not the default web browser
- Turn off Adobe Flash in Internet Explorer and prevent applications from using Internet Explorer technology to instantiate Flash objects
- Turn off flip ahead feature
The official IE blog states that for stopping direct malware attacks via websites, IE10 uses a combination of SmartScreen URL filtering and Application Reputation features. For websites that are normally trusted but become infected by malware, IE10 users can use the XSS Filter that is made to fight off these kinds of exploits. Finally, IE10 has more memory protection features and its Enhanced Protected Mode.
See Also
Important Considerations before upgrading to Venafi TrustProtection Platform 14.1
Comments