IE 7: No Phishing Allowed

By Dennis Fisher  |  Posted 2005-02-21 Email Print this article Print
 
 
 
 
 
 
 

Bill Gates used his opening keynote speech at the RSA Conference here Tuesday to preview the next version of Internet Explorer.

Bill Gates used his opening keynote speech at the here Tuesday to preview the next version of Internet Explorer, which has lost a sizable chunk of its market share of late to open-source challenger Firefox.

The announcement was a bit unexpected, given that Microsoft Corp. has done little in the way of development or marketing for IE in recent years. Microsoft will release a beta of the new browser this summer, but that version will be compatible only with Windows XP Service Pack 2.

The full version of IE 7.0 will be included in "Longhorn," which is due next year. Gates said the new version will include significant security upgrades, namely technologies to help prevent URL spoofing in phishing attacks.

"Browsing is definitely a point of vulnerability," said Gates, chairman and chief software architect at Microsoft, based in Redmond, Wash.

It's unclear exactly what kind of phishing protection Microsoft plans to offer, but it will likely include technology to detect spoofed Web sites, a key to phishing attacks.

Gates also said that Microsoft plans to release its own anti-virus product by year's end, based on the technology it acquired through the purchase this month of Sybari Software Inc. He didn't provide details on how the product will be delivered or what the license structure will be. But it will likely be similar to Sybari's offerings and include support for IBM's Lotus Notes, as well as Microsoft Exchange.

Sources with knowledge of the company's plans said Microsoft is treading carefully with the anti-virus release so as not to conflict with other anti-virus vendors, many of whom are Microsoft partners.

Gates also spent a lot of time discussing the company's recent AntiSpyware beta release. More than 5 million people have downloaded the beta, and Gates said the full version will be free when it is available later this year.

"We've made that decision because we feel that these are features that we think should be available to protect every PC," Gates said.

To monitor and update the AntiSpyware tool, Microsoft has created a site called SpyNet through which customers can submit information on software they think may be spyware. Microsoft researchers analyze each submission and, if necessary, create a new signature to detect new malicious code. During a demonstration of the tool, a Microsoft product manager showed how the software can protect PCs while users are browsing the Internet—as well as with scheduled scans.

When used in conjunction with IE 6.0 SP1, AntiSpyware can prevent spyware from installing in the background and warns users whenever an unknown app attempts to install itself. The tool can also eliminate the problems caused by JavaScript windows that spyware programs use to hide dialog boxes warning users about unsafe content or downloads.

Gates also formally announced that Microsoft plans to move to a common updating and patching tool for all its products, to be called Microsoft Update. Microsoft executives have been discussing this move for some time, but Gates provided more details. Consumers and enterprises will use AutoUpdate to patch individual PCs or small groups of machines. Enterprises will have the choice of using Windows Update Service or SMS, and all fixes will come from a common database.

This was Gates' second consecutive opening keynote at RSA. Last year he unveiled Microsoft's Active Protection technology, as well as many of the security improvements included in SP2 for Windows XP.

Gates said the company is pleased with the rate of customer acceptance of SP2. "That has gone super, super well," he said.

 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...