Personal Tech Pipeline | Windows Browser | Microsoft Beefs Up IE 7 Security
<A HREF="http://as.cmpnet.com/event.ng/Type=click&amp;FlightID=48965&amp;AdID=81855&amp;TargetID=315&amp;Segments=115,1411,2549,2690,3108,3448,4751,6918&amp;Targets=315,2164,2625,2878,5028&amp;Values=34,46,51,63,77,85,90,100,140,203,222,227,442,645,646,659,1184,1405,1431,1716,1767,1785,1798,1901,1925,1945,1970,2217,2299,2310,2329,2352,2678,2787,2862,2878,2956,3235,3256,3347,3385&amp;RawValues=&amp;Redirect=http://www.thesmbadvantage.com" target="_top"><IMG SRC="http://i.cmpnet.com/ads/graphics/as5/ht/custom/HewlettPackard/WW/hsw_5011_CMP_728x90_ul.jpg" WIDTH=728 HEIGHT=90 BORDER=0></A>

White Papers

Sponsor Resources

WebCasts
Free Newsletter GlossaryContact UsAbout Us
Players & CamsPhones & PDAsHome & AutoOnline

October 25, 2005

Microsoft Beefs Up IE 7 Security



Courtesy of TechWeb News

Microsoft will dump SSL 2.0 encryption in the upcoming Internet Explorer 7 for a stronger security protocol, TLS 1.0, the IE 7 development team has revealed.

The default settings for the HTTPS protocol in IE 7 will be for TLS (Transport Layer Security) 1.0. In the current Internet Explorer, TLS must be enabled by the user, via the Tools/Internet Options/Advanced menu.

IE 7 will also block access to Web sites that offer up a problematical digital certificate. If a certificate's been issued to a host name other than the URL's actual hostname, or the certificate was issued by an untrusted root domain, IE 7 will put up a message that explains the problem. If the user chooses to proceed, IE 7 will tint the address bar red as an additional warning.

Additionally, said IE program manager Eric Lawrence in the group's official blog, the Windows Vista version of IE 7 -- the browser will come in two editions, one for Vista, the other for the current Windows XP SP2 operating system -- will include new encryption algorithms, such as AES (Advanced Encryption Standard).

"Generally, IE users will not notice any difference in the user-experience due to this change; it’s a silent improvement in security," explained Lawrence.

Web site owners, he said, will have to make only a simple change, if that. "Our research indicates that there are only a handful of sites left on the Internet that require SSLv2," he said. "Adding support for SSLv3 or TLSv1 to a website is generally a simple configuration change."

SSL 2.0, the protocol IE's abandoning, has been used by attackers to breach and compromise systems. In April 2004, Microsoft revealed a vulnerability in Windows servers involving SSL 2.0. And earlier this month, OpenSSL disclosed a vulnerability that could force users' machines to negotiate with servers with the more-vulnerable SSL 2.0.

E-mail This Story
Print This Story
Reprint This Story




Get the latest Personal Tech news, product info, and trends every week.


Related Content

  Right-click and choose Copy to extract RSS Feed URL  Personal Tech Pipeline's Main RSS Feed
  Right-click and choose Copy to extract RSS Feed URL  Personal Tech Pipeline's Blog RSS Feed



Keeping Up To Date On Enterprise Server Tech?
Review our compilation of columns on server security, database software, and Linux issues.
Unleash the Power & Opportunity of Grid Computing
Experts will identify trends in grid computing, provide
examples and examine solution options.
Using Current Performance to Shape
Future Results

Hear new strategies for improving business
performance and results.

Editor's Picks

Well, Microsoft has "unfolded" its "Origami" ultra-mobile PC platform Thursday. It turned out to be a full-featured PC smaller than a tablet but bigger than a PDA. Are you impressed?
Yes! I want one!
Sort of. We'll see.
No! It's too big for a pocket and too small for real computing. What's the point?


In search of personal tech products? See our new Product Finder, where you'll find personal computing devices, communications solutions, security products, and more.



PERSONAL TECH PIPELINE MARKETPLACE (sponsored links)
Four Points of Network Convergence
The convergence of networking technologies today is creating powerful new ways for enterprises to improve�their performance. Access a series of white papers to learn how developing a roadmap can benefit your enterprise.

Block or Secure IM Use
IM threats up 250%. Protect your corporate network. Free Download.

Network & Application Performance doc downloads
Free white papers, buyers guide, application notes, industry articles, and more. NetScout's nGenius Solution provides network performance management and application monitoring for complex enterprise networks.

Re-energize Your Email System in Just Two2 days!
INBOX: The Email Event, May 31-June 1, 2006. Discover best options, implement more effecient systems, meet the providers who can solve your system's pain points! Security, authentication, reputation, anti-spam and holistic threats and much more!

Policy Management vs Vulnerability Scanning
Which is right for you? Vulnerability scanning products test for known vulnerabilities. Policy management products are pro-active by locking the doors in advance of a possible attack. Click to request our white paper.


Buy a Link Now


Top ten search terms from the TechWeb TechEncyclopedia
Simplify identity management: Read Quest's "Get to One" white paper.
Mobilized Solutions Guide: Find and compare solutions for your business
Top Requested White Paper Categories from TechWeb White paper Library
Top ten search terms from the TechWeb TechEncyclopedia