Digg this story   Add to del.icio.us  
Browser makers focus on beating malware
Robert Lemos, SecurityFocus 2008-03-07

Microsoft and Mozilla are upping the ante in security features for the next versions of their popular browsers.

At its MIX08 conference in Las Vegas this week, Microsoft unveiled two security features that will debut in the next version of its browser, Internet Explorer 8: the Safety Filter, which warns users of potentially malicious Web activity, and domain highlighting, which uses bold text to highlight the real domain of any Web site.

The software giant stressed that the features were part of its focus on improving security for Web surfers.

"With the Safety Filter, Microsoft will now protect against a broader set of online threats by analyzing the full URL string, providing more granular detection and prevention capabilities enables us to protect against more targeted and sophisticated attacks," Microsoft said in a statement sent to SecurityFocus.

Mozilla, the company behind the open-source browser Firefox, announced previously that the next version of it browser, Firefox 3, will include a host of security features, among them protection against malicious downloads from Web sites. Dubbed malware protection, the feature will use a hash of the Web site's address, or URL, to compare against a list of sites known to host malicious downloads.

"Malware protection (like anti-phishing protection) looks for sites that it has identified as hosting malware," said Window Snyder, chief security officer for Mozilla. "The underlying structure is similar, but how we know about the sites is different."

Microsoft and Mozilla added security to their Web browser rivalry in 2006, when Microsoft released in October Internet Explorer 7, a more secure version of its browser. Mozilla followed a week later with Firefox 2. Both browsers added a feature to blacklist phishing sites and each company argued that its implementation worked better.

In the latest version of their browsers, both companies continue to attempt to outdo the other.

Microsoft's Safety Filter technology combines heuristics, to flag sites that behave in certain risky ways, with a blacklist of sites that are known to host malicious code, Microsoft said in a statement sent to SecurityFocus. The filter improves upon the Anti-phishing Filter present in Internet Explorer 7, which uses a blacklist to block access to malicious sites.

Internet Explorer 8 also changes the top-level domain name of the current site to a bold font in the address bar, "allowing users to quickly confirm that the site they are visiting is the site they intended to visit," Microsoft stated in an e-mail answering questions from SecurityFocus.

While Microsoft did not discuss other security features, Internet Explorer 8 will make add-ons, or plug-ins, easier to manage and will check for the latest versions. In addition, the impact of Active X controls is limited to the user's profile, if the person is using Windows Vista.

Firefox 3, which has reached Beta 3, uses a hash of a Web site's address to increase privacy when looking up potentially malicious sites. To reduce traffic to anti-malware service, the browser checks the first half of the hash against a local list of potentially bad URLs. Only if a match is found will the program check the full hash against a database maintained by Google.

The technique is not foolproof, Mozilla's Snyder acknowledged, but it does incrementally improve the security of the browse.

"It is a bit of cat and mouse," she said. "We are not expecting a 100 percent solution on this, we are just making things better. (Just like) the anti-phishing protections were effective, much more effective than anything that was there before."

The next version of Mozilla will also include other security features, including the prominent placement of a Web site's identity information and the ability to verify that the browser is running the latest plugins.

Neither Microsoft nor Mozilla has committed to a ship date for their software.

If you have tips or insights on this topic, please contact SecurityFocus.

    Digg this story   Add to del.icio.us  
Comments Mode:


Privacy Statement
Copyright 2010, SecurityFocus