• Local Machine zone
  • Published: February 2004





    More secure browsing


    In the past, add-ons to Internet Explorer – ActiveX controls, browser extensions, and toolbars – could sometimes become a problem. While many add-ons are useful, some can be unwanted or cause crashes. For example, several advertising companies use add-ons to cause their own pop-up advertisements to display when the user views a Web page with related content.

    The new version of Internet Explorer in Windows XP SP 2 includes add-on management and crash detection. Add-on Management allows users to view and control the list of add-ons that can be loaded by Internet Explorer. It also shows the presence of some add-ons that were previously not shown and could be very difficult to detect.

    Add-on Crash Detection attempts to detect crashes in Internet Explorer that are related to an add-on, and gives the user the option to disable add-ons. In addition, administrators can now apply policies about allowed add-ons across an enterprise.

    Internet Explorer has supported binary behaviors since version 5. A binary behavior is a component that supports two special COM interfaces that Internet Explorer will recognize and use. A binary behavior can add even more functionality to Internet Explorer than can be accomplished with scripts. In the version of Internet Explorer shipped with Windows XP SP2, there is a way to better control binary behavior security.

    Binary behaviors are now disabled in the Restricted Sites zone by default. Since HTML-formatted e-mail is rendered in the Restricted Sites zone by default in most e-mail readers, e-mail is now less vulnerable to viruses and worms based on binary behaviors.

    When Internet Explorer opens a Web page, it places restrictions on what the page can do, based on the location of the Web page. For example, Web pages that are located on the Internet might not be able to perform some operations, such as accessing information from the local hard drive.

    On the other hand, Web pages on the local computer are in the Local Machine zone, where they have the fewest security restrictions. The Local Machine zone is an Internet Explorer security zone, but is not displayed in the settings for Internet Explorer. The Local Machine zone allows Web content to run with fewer restrictions. Unfortunately, attackers also try to take advantage of the Local Machine zone to elevate their privileges and compromise a computer.

    In Windows XP Service Pack 2, all local files and content processed by Internet Explorer have the security of the Local Machine zone applied to them. This differs from previous versions, where local content was considered to be secure and had no zone-based security placed on it.

    This feature dramatically restricts HTML in the Local Machine zone and HTML that is hosted in Internet Explorer. This helps to mitigate attacks where the Local Machine zone is used as an attack vector to load malicious HTML code.

    ActiveX script in local HTML pages that are viewed inside of Internet Explorer no longer runs. Script in local HTML pages viewed inside of Internet Explorer now prompts the user for permission to run. Administrators and developers who have scripts that need to run in local HTML pages should read about this issue in http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwxp/html/securityinxpsp2.asp.



    As we discussed in the context of attachments to messages, file types can be identified in many ways, including "sniffing" the contents for recognizable internal bit signatures. When files are served to the client, Internet Explorer uses the following pieces of information to decide how to handle the file:

    • File name extension

    • Content-Type from the HTTP header (MIME type)

    • Content-Disposition from the HTTP header

    • Results of the MIME sniff
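
The four inputs listed above can disagree with one another, and that disagreement is what a defender wants to see. The following is an added example, not code from the original paper and not Internet Explorer's actual algorithm: it collects the four signals for one response and reports which of them conflict. The function names, the small type tables and the sample response are assumptions constructed for illustration.

```python
"""Compare the four file-handling signals for one HTTP response (added example)."""
import os
from email.message import Message

# Assumed, deliberately small tables; a real sniffer recognises many more types.
EXT_TYPES = {".txt": "text/plain", ".html": "text/html", ".htm": "text/html",
             ".gif": "image/gif", ".png": "image/png", ".pdf": "application/pdf",
             ".exe": "application/x-msdownload"}
MAGIC = [(b"MZ", "application/x-msdownload"), (b"%PDF-", "application/pdf"),
         (b"\x89PNG\r\n\x1a\n", "image/png"), (b"GIF8", "image/gif")]
HTML_MARKERS = (b"<html", b"<script", b"<body", b"<!doctype html")

def sniff(body: bytes) -> str:
    """Guess a MIME type from the leading bytes (simplified content sniff)."""
    for magic, mime in MAGIC:
        if body.startswith(magic):
            return mime
    head = body[:256].lstrip().lower()
    if any(marker in head for marker in HTML_MARKERS):
        return "text/html"
    return "unknown"

def signals(url_path: str, headers: dict, body: bytes) -> dict:
    """Collect extension, Content-Type, Content-Disposition and sniff result."""
    msg = Message()
    for name, value in headers.items():
        msg[name] = value
    disp_name = msg.get_filename()  # filename= parameter of Content-Disposition
    ext = os.path.splitext(disp_name or url_path)[1].lower()
    return {"extension_type": EXT_TYPES.get(ext, "unknown"),
            "content_type": msg.get_content_type(),
            "disposition": msg.get_content_disposition() or "none",
            "sniffed_type": sniff(body)}

def mismatches(sig: dict) -> list:
    """List pairs of signals that disagree; 'unknown' never counts as a conflict."""
    keys = ("extension_type", "content_type", "sniffed_type")
    found = []
    for i, a in enumerate(keys):
        for b in keys[i + 1:]:
            if "unknown" not in (sig[a], sig[b]) and sig[a] != sig[b]:
                found.append(f"{a}={sig[a]} vs {b}={sig[b]}")
    return found

# Constructed sample: named and labelled as text, but the bytes start like an executable.
SAMPLE = signals("/files/readme.txt", {"Content-Type": "text/plain"},
                 b"MZ\x90\x00" + b"\x00" * 60)
if __name__ == "__main__":
    print(SAMPLE, mismatches(SAMPLE))
```
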

    In Windows XP Service Pack 2, Internet Explorer
