Bolstering Protected Mode

Internet Explorer 7 introduced Protected Mode, a defense-in-depth security feature which relied upon the Windows Vista Integrity Levels (IL) system to mitigate drive-by attacks against the browser. Internet Explorer 10 introduced a stronger version of that feature, called Enhanced Protected Mode (EPM), which goes beyond the legacy IL system and provides isolation using the Windows…

“Continue” Link Missing from Certificate Error Page?

A user recently reported that IE11 wasn’t showing the “Continue” link on the certificate error page shown when visiting their 2009-era router’s configuration UI. They were curious why that link wasn’t shown in this instance. The error page’s Continue link is hidden:

- If the certificate is revoked
- If the certificate is deemed insecure (e.g. contains…

Strict P3P Validation

Internet Explorer offers users many tools to help protect their privacy, including InPrivate Browsing, cookie controls (including P3P), and Tracking Protection Lists. In February of 2012, the IE team described how a misleading P3P statement was being used to circumvent users’ privacy settings.

Default P3P Restrictions

Internet Explorer’s default settings restrict the use of 3rd…

Braindump: DNS

Note: The “brain dump” series is akin to what the support.microsoft.com team calls “Fast Publish” articles—namely, things that are published quickly, without the usual level of polish, triple-checking, etc. I expect that these posts will contain errors, but I also expect them to be mostly correct. I’m writing these up this way now because they’ve…

Braindump: ActiveX in Windows 8

Note: The “brain dump” series is akin to what the support.microsoft.com team calls “Fast Publish” articles—namely, things that are published quickly, without the usual level of polish, triple-checking, etc. I expect that these posts will contain errors, but I also expect them to be mostly correct. I’m writing these up this way now because they’ve…

Understanding Zone Elevation

The security setting “Websites in less privileged web content zone can navigate into this zone” is one that leads to more questions than almost any other. This setting, also known as Zone Elevation protection, was originally designed to prevent navigation from untrusted Internet content into the highly-trusted Local Machine Zone. Prior to Internet…

Debugging in IE10 on Windows 8

Emulating the “non-Desktop Experience” in the Desktop Experience

The new full-screen “fast and fluid” experience of IE10 on Windows 8 offers many improvements over Internet Explorer 10 on the Desktop (ranging from UX to Security), but one thing it lacks is the F12 Developer Tools, used by web developers to debug web pages. While you…

Networking Improvements in IE10 and Windows 8

Internet Explorer 10’s networking code builds upon the performance improvements in IE9 (caching, overall networking) to help ensure that IE10 loads pages as quickly as possible. In IE10, we identified a few key areas for improvement based on customer feedback, code inspection, and telemetry data. Our efforts fall into two major categories – enhanced caching,…

Content-Length and Transfer-Encoding Validation in the IE10 Download Manager

Back in March of 2011, I mentioned that we had encountered some sites and servers that were not sending proper Content-Length headers for their HTTP responses. As a result, we disabled our attempt to verify Content-Length for IE9. Unfortunately, by April, we’d found that this accommodation had led to some confusing error experiences. Incomplete executable…

Understanding Enhanced Protected Mode

Last week, Andy Zeigler announced the introduction of Enhanced Protected Mode (EPM) over on the IEBlog. In today’s post, I’d like to provide further technical details about EPM to help security researchers, IT professionals, enthusiasts, and developers better understand how this feature works and what impact it may have on scenarios they care about. Internet…
