IE Win XP SP2 guidance


This paper came out recently and examines the state of Web browser security and the correlation between a browser’s vulnerability and its advanced functionality.


http://www.microsoft.com/downloads/details.aspx?FamilyId=E550F940-37A0-4541-B5E2-704AB386C3ED&displaylang=en 


A few interesting sections with their page numbers:


Security Versus Functionality 5
Default Settings & Patches 6


Browser Attacks: How They Work 8
Embedding Malicious Code in Web Pages and Sites 8
URL Spoofing 8


Internet Explorer Service Pack 2 Security Enhancements 16


Local Machine Zone Lockdown 16
Zone Elevation Blocks 16


Consistent MIME Handling and MIME Sniffing 17
Preventing URL spoofing 17


Secure Download Management 18


Pop-up Window Controls 19


Add-on Management 20


The Future of Browser Security Including Internet Explorer 7 Enhancements 22


Comments (0)