Professional Documents
Culture Documents
Internet Explorer
Internet Explorer
Windows 7 includes Internet Explorer 8. This version of Internet Explorer includes the latest security and
usability improvements included with the standalone version of Internet Explorer 8, released for Windows
Vista earlier in 2009. In addition, this version of the browser benefits from new user interface features of
Windows 7. Those improvements are the focus of this module.
Goals
At the end of this module, you should be able to:
• Discuss touch usage of Internet Explorer in Windows 7.
• Demonstrate the usage of Internet Explorer on the Windows 7 taskbar.
Delivery Note
Delivery Note: This module assumes that the student has already taken the previous standalone Internet
Explorer 8 training that was published previously. This module will cover the features of Internet Explorer 8
that are specific to Windows 7. If you need access to the standalone Internet Explorer 8 training, it is
available from the appendix at the end of this module.
Touch
Internet Explorer 8 in Windows 7 has been optimized to take advantage of the new touch functionality that
has been introduced with Windows 7. Internet Explorer 8 in Windows 7 makes use of the following gestures.
• Tap to click
• Press and hold or press and tap with second finger to right click
• Scroll
• Pinch to zoom
• Tap with two fingers to zoom
Because of the different sizes of fingers and the various ways people touch the screen, touch tends to be
less accurate than mouse clicking. To address this, Internet Explorer makes a few of the commonly used
features easier to target. When the Favorites Center or Address Bar is invoked with Touch, IE will put more
spacing between items so it is easier to touch the link you want. The close button on tabs also has a taller hit
target.
Here’s an example of how the items in the Favorites Center are more spaced out when using touch.
Jump List
Internet Explorer takes advantage of the new Windows 7 Jump List feature by customizing the tasks
available in that list. In addition to being able to quickly navigate to your most frequently accessed sites, you
can also use the Tasks section to do either of the following:
• Start a new InPrivate Browsing Session
• Open a new tab
This behavior is configurable in the tabbed browsing settings of Internet Explorer using the option titled
"Show previews for individual tabs in the taskbar".
Note: This functionality is documented on MSDN so that other browsers and applications can take
advantage of this same functionality in the future.
Appendix
This appendix reproduces the contents of the Internet Explorer 8 support training materials, with the
exception of setup.
Deliver peace of mind that you are using the safest, most reliable version of Internet Explorer to date
Make Web development faster and easier, thanks to interoperability with standards and improved tools
Enable experiences that reach beyond the page through new browser features
Internet Explorer 8 encourages developers to adopt standards across the Web. To encourage the
development of standards, by default, Internet Explorer 8 will run in Standards mode. Security, ease of
use, and improvements in RSS, CSS, and AJAX support are its priorities for Internet Explorer 8, together
with significantly better support of Web standards than earlier versions of Internet Explorer.
Internet Explorer 8 will be made available to users who are running Windows XP and Windows Vista, and
Internet Explorer 8 will also be included as part of Windows 7 when it is released.
This section describes some new improvements that are introduced for the Address bar in Internet
Explorer 8. These improvements include the following:
Domain Highlighting
Delete items
Domain Highlighting
Internet Explorer 8 automatically highlights what it considers to be the owning domain for whatever site
that users are currently viewing. This highlight helps users identify the real site that they are visiting, and
this highlight can help them identify when Web sites are trying to deceive them. The following screen shot
shows how Domain Highlighting in Internet Explorer 8 can help users spot these attempts to deceive:
With Internet Explorer 8, it should be clearer that you are visiting a Web site that is owned, for example, by
badsite.com instead of by Microsoft.com. Domain Highlighting calls out what Internet Explorer 8
recognizes as the owning domain for the purposes of making security decisions. Domain Highlighting does
not make any security guarantees in itself. However, Domain Highlighting gives users more information to
determine whether to trust the site, based on their own experience.
Domain Highlighting will “disappear” if the user rests over or clicks somewhere in the Address bar. This feature
lets users edit, copy, or paste a URL without the distraction of the highlighting.
Domain Highlighting cannot be turned off by users or Web sites. It works in concert with other information that is
provided in the Address bar, such as SmartScreen filter warnings or HTTPS certificate information. Domain
Highlighting appears on all versions of Windows that Internet Explorer 8 supports: Windows Vista, Windows
Server 2008, Windows Server 2003, and Windows XP.
When Domain Highlighting is used with SSL or EV SSL sites, both the owning domain and the HTTPS protocol are
highlighted.
Delete items
Delete any item in the dropdown by clicking the red X.
Paste multiline URLs
Internet Explorer 8 automatically strips out excess carriage returns and line feeds within a URL when it is
pasted into the Address bar. Many Web e-mail applications automatically split long lines into multiple
lines, and these multiple lines meant you could not easily copy and paste these lines into the browser.
Users can now highlight an entire URL, no matter how many lines it spans, and paste it directly into the
Address bar.
Example If you copy and paste the next three lines into the Address bar of Internet Explorer 7, only the first line,
http://b, an incomplete fragment of the entire URL, appears:
http://bl
ogs.msdn.
com/ie
However, in Internet Explorer 8, the following entire URL appears in the Address bar:
http://blogs.msdn.com/ie
Single-click within a URL to insert the caret. This allows the user to make an in-line edit easily.
Double-click within a URL to select the word (Words are delimited by common characters like slashes).
What is a WebSlice?
The new Internet Explorer 8 WebSlice feature enables you to see when updated content (such as auction
prices or latest headlines) is available from your favorite websites. A WebSlice is a piece of a webpage (a
“slice”) that you can subscribe to. When you subscribe to a WebSlice, it appears as a shortcut on the
Favorites bar.
Note: WebSlices will only appear on web pages that provide support for WebSlices. As of today, websites
such as eBay, Facebook and Stumble Upon have added support for WebSlices.
Using WebSlices
There are two ways to see when a WebSlice is available on a webpage. One is that the WebSlice button
changes color on the Command bar:
When you hover over a WebSlice on a webpage, you will also see a WebSlice icon appear next to the
content that you can add to your Favorites bar. For example:
To add a WebSlice to the Favorites bar, you can either click the WebSlice button on the Command bar or
click the WebSlice icon on the page.
In Internet Explorer 8, the text on a Favorites bar shortcut will give an indication of the item’s status. You
will be able to tell whether or not the WebSlice has been updated since you last used it (the text is bold)
and also if the WebSlice is expiring (the text will be bold and italicized) or has expired (the text will be
gray). This information is especially worthwhile, for example, with auction items.
The Internet Explorer 8 Favorites bar allows you to preview the updated WebSlice content without leaving
the website you’re currently viewing. Simply click the WebSlice shortcut on the Favorites bar to bring up a
rich preview of the webpage, which you can then click to go to the website itself.
WebSlice Preview:
Clicking on the WebSlice button adds the WebSlice to the Favorites bar. In the background, IE checks for
updates on a schedule. When IE finds an update, the item on the Favorites bar becomes bold. You can
click on the item to view the details.
To subscribe to a feed and monitor it on the Favorites bar, you first click the Feed Discovery button to view
the feed, and then click Subscribe to this Feed on the feed page. To then monitor this feed on the Favorites
bar, click the Add to Favorites button, and then click Monitor on Favorites Bar. You can also drag and drop
a feed or an entire folder of feeds from the Favorites Center to the Favorites bar.
By clicking on a Feed shortcut on your Favorites bar, you can quickly identify which feed items you have
already read (they will be in plain text) and which you have yet to read (they will be bold).
Buttons on the Favorites Bar can be shortened
To allow more Links Bar buttons to be visible at the same time, you can now change how much of the
buttons are displayed
• Icons only
• Short text
In addition to adding a link through the "Add to Favorites" button, you can drag and drop links onto the Favorites
bar, drag the webpage icon from the Address bar to the Favorites bar or drag a link from a webpage directly to
the Favorites bar.
You can rearrange items on your Favorites bar by dragging items from one spot to another or by creating folders
and organizing your favorite links, WebSlices, and feeds by dragging and dropping items into the folders.
When an item within a folder updates, you will see the updated status on the folder itself. If a folder is not bold,
you will know that nothing has updated within that folder without even opening it.
Navigating with the Favorites bar is convenient as well. To put focus on the first item on the Favorites bar, press
ALT+B.
Like regular links, the Favorites bar supports tab and window shortcuts. For example, you can Ctrl+Click or
Middle-click on an item (or a folder) on the Favorites bar and this item (or the contents of this folder) will open in
a new tab (or tabs) in the background.
Similarly, Ctrl+Shift+Click on an item on the Favorites bar will open up this item in a tab in the foreground.
Compatibility View
Internet Explorer 8 will introduce a change in the way that it interprets and renders most web pages. This
is in an effort to more strictly adhere to web standards than previous versions of Internet Explorer have. By
more strictly adhering to published web standards, we aid web developers by allowing them to write one
version of a web page without having to account for the quirks and eccentricities Internet Explorer had in
the past when rendering a page.
This may create new issues however, since the majority of web pages that have been created thus far were
already taking the Internet Explorer deviations from the standard into account. Web developers in that
past had to create additional browser specific code to handle the differences in the way that various
browsers rendered web pages. By changing the way that pages are rendered, pages in Internet Explorer 8
may no longer render the same way that Internet Explorer 7 did, which could cause some layout errors or
broken functionality on that page.
Until these web pages are modified to conform to web standards instead of including browser specific
code for prior versions of Internet Explorer, it will be necessary in some cases to force Internet Explorer 8
to go back to the old way of rendering pages. To accomplish this, Internet Explorer includes a new feature
known as "Compatibility View"
Compatibility View
If you navigate to a website that fails to render properly because of the new IE8 standards mode, you can
toggle the Compatibility View button in the address bar. This will cause the web page to refresh and the
page will render as it would have in Internet Explorer 7
Enabling Compatibility View causes IE8 to use the IE7 user agent string, version vector and layout modes.
Default Internet Explorer reports the IE8 user agent string and use the IE8 layout modes
Compatibility View enabled Internet Explorer reports the IE7 user agent string and uses the IE7 layout modes
If a customer runs into a web page that fails to render properly in Internet Explorer 8, they click the
Compatibility View button in the address bar (which resembles a torn piece of paper). Upon clicking the
Compatibility View button, the page will refresh and balloon prompt will appear letting them know that
pages in that domain are now being viewed in Compatibility Mode.
Compatibility View is domain specific. This means that if you enable Compatibility View for a web page
somewhere on http://beta.weather.aol.com for example, Compatibility View will be applied to all web
pages hosted anywhere on AOL.com.
Once the Compatibility View button is selected for a domain, it will stay enabled for that domain until the
user disables it. You can view the list of domains that Compatibility View has been enabled for through a
new entry in the "Tools" menu called "Compatibility View Settings"
Removing a domain from the Compatibility View list can happen in one of two ways.
1. Visit a web page in the domain and toggle the Compatibility View button in the address bar to
disabled.
2. Open the Compatibility View Settings button from the menu option in the Tools menu and remove
the domain from the list.
From the Compatibility View Settings dialog, you can see that we have a few other options that control the
behavior of Compatibility View in IE8.
We can manually pre-populate the list of domains for which we want Compatibility View applied.
We can configure whether or not intranet sites are viewed in Compatibility View. Compatibility View is disabled
by default for company intranet sites.
We can choose whether or not to use the Site Compatibility list provided by Microsoft.
When users install Internet Explorer 8, they get a choice about opting-in to a list of sites that should be
displayed in Compatibility View. Sites are on this list based on feedback from other IE8 customers:
specifically, for what high-volume sites did other users click the Compatibility View button? This list
updates automatically through Windows Update, and helps users who aren’t web-savvy have a better
experience with web sites that aren’t yet ready Internet Explorer 8.
• The sites on the list are based on objective criteria applied to telemetry data as well as product
support channels. For example, in addition to the top sites worldwide, we determine high-volume
on a market-by-market basis; the top 50 sites in one region of the world might be very low on the
world-wide list of top sites, but are important to include for those customers.
• The data we collect from IE8 beta users is the top level domain of the website and whether the
user chose Compatibility View while visiting that site (please see the IE8 Privacy Policy for more
information).
• We will regularly revisit the need to offer this list to users at all.
The choice to opt-in to receiving and using the Site Compatibility list is presented to the user the first time
they launch Internet Explorer 8, as shown in the image below:
A user can also configure whether or not Internet Explorer 8 will use the site compatibility list in the
Compatibility View settings dialog.
You can view the list that is distributed by Microsoft by opening Internet Explorer 8 and navigating to the
following address: res://iecompat.dll/iecompatdata.xml
For more information about the site compatibility list in Internet Explorer 8, please see the following
resource:
• IEBlog: Compatibility View Improvements to come in IE8
http://blogs.msdn.com/ie/archive/2008/12/03/compatibility-view-improvements-to-come-in-ie8.aspx
Accelerators
Accelerators in Internet Explorer 8 make it easy to do these common look-up tasks by providing direct
access to these online services right on the context menu.
Accelerators are contextual services to quickly access a service from any webpage. Users typically copy and
paste from one webpage to another. Internet Explorer 8 Accelerators make this common pattern easier to
do.
An example of a popular Accelerator is a mapping service. With this Accelerator, you can highlight an
address anywhere on the webpage, select you map service of choice, and see a preview of the location
immediately. Clicking on the map opens a new tab to the full mapping website where you can get driving
directions, aerial view and more features.
Find products from eBay View active auctions for the selected product.
Lookup website reviews with See how other people rate the current website that you’re on.
StumbleUpon
Share with Facebook Add interesting sites to your Facebook profile for your friends to
see.
Discovery with Me.dium Find related sites from your friends and community on Me.dium.
Accelerators typically involve two types of scenarios: "look up" information within a webpage or "send"
web content to a web application. For example, a user is interested in a restaurant and wants to see the
location of it. This is the form of a "look up" Accelerator where the user selects the address and views an
in-place view of the map using his favorite map service.
An example of a "send" Accelerator is a user reads an interesting article and wants to blog about a portion
of the article. The user can select a portion of the article and uses the blog Accelerator. This navigates to
the user’s blog site with the selection already available in the edit field.
Search Improvements
Search for content has been further improved in Internet Explorer 8. It is now easier to find content on the
Internet through Search Suggestions, and also find content on the page in front of you with the new inline
page searching.
Search suggestions
In order to help you issue better search terms, faster, we’ve implemented search suggestions in the search
box dropdown. In Internet Explorer 7 as you typed in the search box, you would see a list of auto-
complete terms. Now in Internet Explorer 8, in addition to the auto-complete terms, you will see
suggestions.
These suggestions can take three forms, text suggestions, link suggestions and instant answer suggestions.
A text suggestion is a suggestion for a different search term and will take you to a search results page. A
link suggestion is a link which will take you to a webpage (possibly search results but possibly not). An
instant answer suggestion is a suggestion that includes an image. The image might tell you some
information such as when searching for Seattle weather, or it may just give you a preview of what you are
about to search for such as below.
Search suggestions can be turned on or off for any search providers that support Search Suggestions
through the new Manage Add-ons interface.
Manage Add-Ons
Manage Add-ons has been completely re-written for Internet Explorer 8 to address many of the
shortcomings that existed with previous versions of the tool. It has also been extended to support
managing more plug-ins and providers
• Users can now run Manage Add-Ons while in No Add-Ons Mode
• Manage Add-Ons supports the following updates:
• It supports multi-select. Select as many add-ons as you want and enable/disable them all with a
single click
• It supports context menus in the list view (you can right-click to bring up actions & options)
• You can now manage all your 3rd party extensibility objects from within Manage Add-Ons:
• We've added support for Explorer Bars on top of ActiveX Controls, Toolbars, Browser Helper
Objects, and Browser Extensions
• You can manage per-user and per-site ActiveX controls (which are new to Internet Explorer 8)
• You can manage your Search Providers
• You can manage Activities
• We've made it easy to get more information
• Links in Manage Add-Ons provide direct access to sites designed to help users find new add-ons,
search providers, activities, and more
• There are context-sensitive help links
• For ActiveX Controls, Toolbars, BHOs, and the like, there's a one-click "Look this add-on up on my
default search provider" so that non-technical users can more easily find information about an
installed add-on
• Users can also manage Per-User and Per-Site ActiveX controls from Manage Add-Ons
Some add-ons will continue to show up with blank name, visible GUIDs, without publishers, etc. This is a
limitation of the add-on types in question. However, Manage Add-Ons is now more robust and aggressive
about digging for useful information from installed add-ons, so users are more likely to see information
that they can use to decide whether or not to trust a given add-on.
According to an analysis of Windows Error Reporting data, over 70% of all IE hangs and crashes are caused
by 3rd-party add-ons. We work closely with software vendors of the most frequently installed IE add-ons
to help improve the quality of their add-ons. However, due to the large number available add-ons, it is
difficult to provide outreach to every developer.
Tabs are isolated from This gives IE the opportunity to isolate many failures to the tab process, thereby
the frame, and are reducing the amount of damage done to the rest of your browsing session.
located in separate
processes
The frame and the This is a win for startup performance. The broker object is responsible for examining a
broker object are URL, and determining if it should be loaded under Protected Mode or not, and
located in the same launching IE at the appropriate integrity level. We no longer have to wait for the
process protected mode broker object’s process to startup before loading the rest of the
browser.
Low and Medium The Windows Integrity Mechanism operates on a per-process basis. Now that we can
integrity tabs can reside place tabs into their own processes, we can turn Protected Mode on or off on a per-
in the same UI frame tab basis. This is a big usability improvement. You no longer need separate browser
windows to view sites in and out of protected mode.
Although these are all internal architecture changes, you can see their effect in a few different ways.
For example, on a computer running Windows Vista, open Internet Explorer, browse to some websites,
and then open an HTML page from your computer’s hard disk. Notice that the page will open in a tab in
the same window, alongside the tabs that are already there. Previously, we would have shown a dialog
that said, “Internet Explorer needs to display this webpage in a new window”. This is because Internet files
must run in Protected Mode, and local files must open outside of Protected Mode, and a single process
runs with only one integrity level. With LCIE, we simply create two tab processes: one with Protected
Mode on for your Internet files and one with Protected Mode off for your local files.
Automatic Crash Recovery
Automatic Crash Recovery (ACR) is a feature of Internet Explorer 8 that can help to prevent the loss of
work and productivity in the unlikely event of the browser crashing or hanging. The ACR feature takes
advantage of the Loosely-Coupled Internet Explorer feature to provide new crash recovery capabilities,
such as tab recovery, which will minimize interruptions to users’ browsing sessions.
Most software applications are tools that enable people to be more productive. Microsoft® Office, the
world’s most popular productivity application suite, thrives on making people more productive. Part of
making people more productive is helping to protect them from losing their work. Nearly everyone at
some time has experienced work loss and knows the frustrations associated with losing important data.
Users already do lots of work in their browsers. Some examples of such work are:
COMPOSITIONAL Compositional work involves writing or creating new content. Composing is hard work; it
WORK can be time intensive and extremely painful to lose. Some examples are:
E-mail messages
Blog posts
CONTEXTUAL Contextual work is “soft work” that is manifested in the state of the browser. It may not be
WORK as painful to lose this type of work, but it is nevertheless frustrating when it happens.
Examples include:
Information search and retrieval (search and navigation)
Shopping carts
Travel Log
The ACR feature will help prevent contextual and compositional work loss in the unlikely event of a crash,
hang, or an accidental application closure.
Architecture
The ACR feature takes advantage of the Loosely-Coupled Internet Explorer feature, which isolates the UI
Frame from the Tab set by keeping them in separate processes, as shown in the following diagram.
Over 70% of all Internet Explorer crashes and hangs are caused by extensions, such as ActiveX® controls,
Browser Helper Objects (BHOs), and Toolbars. By isolating extension code in the tab process, we can
protect the integrity of the browser and limit many failures to the tab process.
The ACR feature consists of an object in the Frame that acts as a virtual flight data recorder that can back
up essential data from the tab processes, including:
The following diagram shows the high-level architecture of the ACR feature.
In the event of an entire browser crash (Frame crash), or an unexpected system shutdown, the persistent
backing store enables recovery.
User Interface
The ACR feature has the following interface features:
Tab Recovery
When a crash or hang is successfully recovered, Internet Explorer notifies the user by displaying a caption
bubble on the tab, as shown in the following screen shot.
Frame Recovery
If a failure cannot be prevented from cascading into the frame, or an unexpected shutdown occurs, such as
an accidental power loss, Internet Explorer can restore the user's last tab set, as shown in the following
screen shot.
InPrivate Browsing
InPrivate Browsing prevents Internet Explorer from storing data about your browsing session. This helps
prevent anyone else who might be using your computer from seeing where you visited and what you
looked at on the Web. When you start InPrivate Browsing, Internet Explorer opens a new window.
The protection that InPrivate Browsing provides is only in effect while you use that window. You can open
as many tabs as you want in that window, and InPrivate Browsing will protect all those tabs. However, if
you open another browser window, InPrivate Browsing will not protect that window. To end your InPrivate
Browsing session, close the browser window.
• Open a new tab, and then, on the new tab page, click Open an InPrivate Browsing window.
When InPrivate Browsing is turned on, you see this indicator in the Address bar:
When you end an InPrivate Browsing session, information such as cookies, temporary Internet files,
history, passwords, form data, searches, and typed Web addresses are not recorded.
The following table describes which information Private Browsing discards when you close the browser
and how the information is affected during your browsing session:
Cookies Kept in memory so pages work correctly, but cleared when you close the browser.
Temporary Internet Files Stored on disk so pages work correctly, but deleted when you close the browser.
Anti-phishing cache Temporary information is encrypted and stored so pages work correctly.
Automatic Crash Restore ACR can restore the tab when a tab crashes in a session. But if the whole window
(ACR) crashes, data is deleted, and the window cannot be restored.
Document Object Model The DOM storage is a kind of "super cookie" that Web developers can use to retain
(DOM) storage information. Like regular cookies, they are not retained after the window is closed.
This setting is configurable and can be changed by using any of the following:
• On the Tools menu, click Internet Options, and then click Privacy
• Right-click the Internet Explorer frame or toolbars when you are using InPrivate Browsing.
• Click View, and then click Toolbars when you are using InPrivate Browsing>
InPrivate Filtering
InPrivate Filtering helps prevent Web sites from collecting information about sites that you visit. Many
Web pages use content from Web sites other than the one that you are visiting. The content from these
content providers, such as advertisements, maps, or Web analysis tools, is frequently provided to the Web
site that you are visiting in exchange for information about who is looking at the content. If the third-party
Web site provides content to lots of the Web sites that you visit, the Web site owners could develop a
profile of your browsing preferences. The profile of your browsing preferences enables the Web site to do
things such as offer you targeted advertisements.
Usually this third-party content is displayed seamlessly, such as in an embedded video or image. The
content seems to originate from the Web site that you originally visited. Therefore, you do not know that
another Web site could see where you are surfing. Web analysis or Web measurement tools report Web
site visitors' browsing habits, and such tools are not always obvious to you. Although these tools can
sometimes be displayed as visible content (such as a visitor counter, for example), they are frequently not
visible to users, as frequently happens with Web beacons. Web beacons are typically single-pixel
transparent images whose sole purpose is to track Web site usage, and they are not displayed as visible
content.
InPrivate Filtering analyzes Web content on the Web pages that you visit. If InPrivate Filtering sees that the
same content is being used on several Web sites, the filter will give you the option to allow or block that
content. You can also decide to have InPrivate Filtering automatically block any Web site it detects, or you
can decide to turn off InPrivate Filtering.
How to Enable InPrivate Filtering
By default, InPrivate Filtering analyzes the Web sites that you visit but does not automatically block them.
You can decide to allow or block any Web site that InPrivate Filtering identifies as being able to share your
browsing preferences. You can have InPrivate Filtering automatically block any Web site, or you can turn
off InPrivate Filtering.
To enable InPrivate Filtering, click to select the check box next to InPrivate Filtering on the Safety menu.
The first time that you select this option, you receive the following message that describes the InPrivate
Filtering feature together with the options that are available:
This dialog box configures the same settings that you see in the following InPrivate Filtering Settings dialog
box:
Automatically block When Automatically Block is enabled, Internet Explorer 8 uses the InPrivate Filtering data
to automatically block information from being shared with a particular Web site after that
Web site has tracked the user across a specific number of sites. The default threshold for
automatically blocking a particular site that is tracking the user is 10 tracks. But this
number is configurable from 3 through 30 tracks.
This means that if a user visits 10 different Web sites that all request the same specific
piece of content from a third-party Web site, then any requests after that are
automatically blocked.
Choose content to This option lets the user manually decide to Allow or Block individual Web sites by using
block or allow the InPrivate Filtering data.
InPrivate Filter can also be enabled by using the button on the Internet Explorer 8 status bar.
Internet Explorer 8 also provides the ability for customers to subscribe to another Web site, and they can
have that Web site provide their InPrivate Blocking data for them through a feature known as InPrivate
Feeds.
For more information about the new InPrivate features in Internet Explorer 8, visit the following Microsoft
Web sites:
• IEBlog: IE8 and Privacy: http://blogs.msdn.com/ie/archive/2008/08/25/ie8-and-privacy.aspx
• Channel9.MSDN.COM: IE 8: Privacy - It's about more than cookies:
http://channel9.msdn.com/posts/Charles/IE-8-Beta-2-Privacy-is-about-more-than-cookies/
SmartScreen Filter
Internet Explorer 7 introduced the Phishing Filter, a feature that helps warn customers when they visit a
phishing site. Phishing sites spoof a trusted legitimate site, and the goal is to steal the customers’ personal
or financial information. For Internet Explorer 8, we are building on the success of the Phishing Filter with a
more comprehensive feature known as the "SmartScreen Filter."
In addition to detecting and warning users about phishing sites, the SmartScreen filter in Internet Explorer
8 also protects against sites that are known to spread malware.
Existing anti-malware protection like Microsoft Windows Defender, and so on, offers signature-based
protection that scans the binaries that are being installed on a customer’s computer. However, malware
authors can evade detection by using polymorphic code to foil signature-based engines. This ability to
avoid detection requires a defense-in-depth mechanism to offer protection against ill-reputed URLs that
are known to host malware payloads.
Vectors of Malware
A common attack vector for distributing malware such as Trojans, adware, viruses, and so on, is through
the Internet in the form of file downloads. There are two installation mechanisms:
o Social engineering, which convinces customers to install software under false pretenses
o Exploiting vulnerabilities in the product to install malware on the customers’ computer
Protection methods
• Malware protection will be delivered by taking advantage of the reputation for a given URL to
the site that hosts a malicious binary or a top-level site that has been known to link to malicious
binaries (Reputation instead of Signature).
• The protection will work with the current MRS (Microsoft Reputation Service) to provide
reputation information for URLs.
• Signatures for binaries will not be scanned. Just their location is used.
• Downloads are blocked from the command to Open or Run a file until the URL reputation check
is complete.
For more information about the SmartScreen Filter, you can read the “IE8 Security Part III: SmartScreen®
Filter” article here:
http://blogs.msdn.com/ie/archive/2008/07/02/ie8-security-part-iii-smartscreen-filter.aspx
Feature Details
When customers click this Information bar, a shortcut menu is presented to them. They can then decide to
enable the control for a specific Web site, enable the control for all Web sites, disallow the control, or find
more information about the prompt.
If customers decide to enable a control, either in the context of a specific page or for all Web sites that
they visit, a second confirmation approval prompt is shown. This second prompt gives customers a final
choice about whether to run the script.
Allowed domains and controls are stored in the HKEY_CURRENT_USER hive in the following path:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CLSID}
\iexplore\AllowedDomains\{Domain or *}
{CLSID} represents the Class ID of a specific control, and {Domain or *} represents the domains that are
allowed to run the specified control (In this example, the asterisk symbol (* represents all domains).
In Windows Vista, standard users are now able to install ActiveX controls to their own user profiles, and no
administrative involvement is required. In case customers do install a malicious ActiveX control, the system
itself will be unaffected. Because the installation affects only the customers’ profiles, the risk and cost of
compromise is lowered significantly. This feature relies on features that are found only in Windows Vista,
and this feature is therefore not available on Windows XP. The benefits of non-admin ActiveX control
installations include the following:
Most existing ActiveX controls do not have to be rewritten to benefit from this feature. The only change will be
repackaging.
This feature does not affect the installation behavior for legacy ActiveX controls.
Changes in Internet Explorer 8 do not affect the installation behavior for legacy ActiveX controls. Nothing
has changed about how such ActiveX controls are packaged. They are still an .inf file, and they are encased
in a .cab file. The changes come in additional directives within the .inf file, where developers can now
specify whether to use new non-admin installation features.
Feature Details
Customers who are logged on with Standard User credentials or with higher credentials are now able to install
ActiveX controls from the Web.
No UAC dialog box appears in the common end-to-end ActiveX control installation scenario when the installation
is performed in user mode.
Users with administrative access can now choose between per-user and machine-wide ActiveX control
installation, and they will not experience unnecessary complexity during the installation experience.