Microsoft is going to force Windows users to move to the latest version of Internet Explorer, writes The Verge. The changes take effect on January 12, 2016: users of Windows 7 and Windows 8 will have to move to Internet Explorer 11 to continue receiving updates.
If Internet Explorer 12 or even 13 appears before January 12, 2016 and supports Windows 7 and Windows 8, their users will have to move to the latest version. The changes mean that after January 12, 2016, Internet Explorer 8 and 10 will no longer be supported on consumer Windows versions.
4 years, 2 months ago
The Internet Explorer development team has announced a new security feature called Out-of-date ActiveX control blocking, which will help protect users from drive-by download attacks. It is an additional security option for browser versions 8-11 on Windows 7 SP1+ that blocks out-of-date IE plug-ins (those using the ActiveX framework). From a security point of view, the feature is a form of exploit mitigation: it protects against the 1-day exploits that attackers use to install malware automatically through exploit kits. The new security setting will appear in the browser with the next Patch Tuesday, i.e. on August 12.
A similar feature is available in EMET 5.0, where it is called Attack Surface Reduction (ASR). ASR can block the browser from playing Flash Player or Java content in untrusted IE zones, i.e. the Internet zone. The new IE setting, Out-of-date ActiveX control blocking, works on a similar principle, but it does not completely forbid the use of potentially unsafe browser plug-ins (see the ASR link); it blocks only those for which a newer version has already been released. Content played by Internet Explorer, for example through the Java or Flash Player plug-ins, uses the ActiveX framework, as Microsoft prescribes for embedding such content in a web page and playing it successfully in IE. Depending on which version of the application the content requests, the browser uses the new option to decide whether or not to show the user a warning.
4 years, 3 months ago
Our post on the ASLR improvements in the latest versions of Windows included a table of Remote Code Execution vulnerabilities that attackers used to install malicious code on a system remotely (drive-by download). More than half of these vulnerabilities are of the so-called use-after-free (UAF) type. For attackers, UAF is a convenient way to transfer control to their own code. In this scheme, legitimate executable code, for example in the Internet Explorer browser, has to contain faulty memory-handling logic: at some point, a fragment of code dereferences a pointer to a heap block that has already been freed.
Obviously, such a memory error can simply crash the browser, because an invalid pointer is dereferenced. With an exploit, however, attackers use the error to force the vulnerable code to transfer control to an address of their choosing. As a rule, heap spraying is used for this purpose: it reserves a large number of memory blocks at a predictable address in the heap and fills them with the instructions the attacker needs. In the June and July cumulative updates for Internet Explorer 11, Microsoft introduced additional exploit mitigations: an isolated heap for object allocations and delayed freeing of memory blocks. This approach protects browser code, which may still contain memory-handling errors, from exploits.
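The two mitigations named above, isolated heap and delayed free, sketched as a toy fixed-size allocator. This is an added example, not Microsoft's implementation and not code from the original post; `pool_t` and every function name are hypothetical, and the point at which quarantined blocks are released is a simplifying assumption.

```c
#include <stdio.h>
#include <string.h>
enum { SLOTS = 8, SLOT_SIZE = 32 };
/* Toy fixed-size pool, constructed for this example (not IE's allocator). */
typedef struct {
    unsigned char mem[SLOTS][SLOT_SIZE];
    int free_stack[SLOTS], n_free;   /* LIFO free list */
    int quarantine[SLOTS], n_quar;   /* blocks awaiting delayed free */
    int deferred;                    /* 1 = delayed free enabled */
} pool_t;

void pool_init(pool_t *p, int deferred) {
    memset(p, 0, sizeof *p);
    p->deferred = deferred;
    for (int i = SLOTS - 1; i >= 0; i--) p->free_stack[p->n_free++] = i;
}
void *pool_alloc(pool_t *p) {
    return p->n_free ? p->mem[p->free_stack[--p->n_free]] : NULL;
}
void pool_free(pool_t *p, void *ptr) {
    int slot = (int)(((unsigned char *)ptr - &p->mem[0][0]) / SLOT_SIZE);
    memset(p->mem[slot], 0, SLOT_SIZE);      /* stale reads now see zeros */
    if (p->deferred) p->quarantine[p->n_quar++] = slot;  /* not reusable yet */
    else p->free_stack[p->n_free++] = slot;              /* reusable at once */
}
/* Release quarantined blocks; assumed to run when no stale pointers remain. */
void pool_flush(pool_t *p) {
    while (p->n_quar) p->free_stack[p->n_free++] = p->quarantine[--p->n_quar];
}

/* Returns 1 if the allocation made right after a free lands on the freed block. */
int freed_block_reused(int deferred) {
    pool_t p; pool_init(&p, deferred);
    void *obj = pool_alloc(&p);
    pool_free(&p, obj);               /* obj is now a dangling pointer */
    return pool_alloc(&p) == obj;
}

/* Isolated heap: objects and data buffers never share a pool. */
int data_lands_on_freed_object(void) {
    pool_t objects, data; pool_init(&objects, 0); pool_init(&data, 0);
    void *obj = pool_alloc(&objects);
    pool_free(&objects, obj);
    return pool_alloc(&data) == obj;
}

int main(void) {
    printf("immediate=%d deferred=%d isolated=%d\n", freed_block_reused(0),
           freed_block_reused(1), data_lands_on_freed_object());
    return 0;
}
```

With immediate free the dangling pointer aliases the next allocation; with delayed free or separate pools it does not, so a stale dereference reads zeroed memory instead of newly written data.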
4 years, 4 months ago
A few weeks ago (for the first time, at the DevCon 2014 conference) we said that we aim to create a more open dialog between the Internet Explorer team and the developer community. Today we present Internet Explorer Developer Channel, a fully functional browser created to let developers evaluate the functionality and new features the Internet Explorer team is working on.
IE Developer Channel can run independently of IE11. It has all the features of the current Internet Explorer version plus some new features that we are implementing at the moment. Try the new features and tell us what you think of them on Twitter @IEDevChat or on Connect.
4 years, 5 months ago
Microsoft has issued a security advisory (SA 2963983) reporting that a new 0day Remote Code Execution vulnerability, CVE-2014-1776, is present in all versions of the MS Internet Explorer browser, 6-11, and is being used by attackers in targeted attacks to deliver malicious code (drive-by download). The attackers use a specially crafted web page and a Flash Player object to exploit this vulnerability.
Our initial investigation has revealed that Enhanced Protected Mode, on by default for the modern browsing experience in Internet Explorer 10 and Internet Explorer 11, as well as Enhanced Mitigation Experience Toolkit (EMET) 4.1 and EMET 5.0 Technical Preview, will help protect against this potential risk.
Thus, users of Internet Explorer 10 and 11 on Windows 7 x64 and Windows 8/8.1 with the "Enhanced Protected Mode" (EPM) setting enabled are protected from this exploit. In addition, users of EMET 4.1 and 5.0 TP are also protected. These EMET versions include the browser process in the list of processes protected by default. Recall that EPM increases the browser's resistance to exploits by running tab processes in the special restricted AppContainer mode on Windows 8+ (AppContainer is also used by default for all Modern UI applications).
4 years, 6 months ago
Today we are pleased to present the Internet Explorer 11 update for Windows 8.1 and Windows 7 (available with the security update, after April 8). If you do not want to wait for the automatic update, you can download the updates from MSDN and TechNet after April 3.
In addition, Internet Explorer 11 for Windows Phone 8.1 debuts today. The Windows Phone 8.1 update will begin rolling out to all existing users in the coming months. Starting next month, the update will be preinstalled on new phones. Registered developers will be able to install the update by the end of next week.
To show what the browser can do on different platforms, we are also launching two new services: 22Tracks and FishGL. With them you can explore and evaluate the new features of IE11 for Windows and Windows Phone.
Today people use the Internet on several devices (laptops, tablets and phones), switching between them during the day. The Internet Explorer update for Windows and Windows Phone makes switching between devices as convenient as possible, thanks to synchronization of open tabs and favorites. Internet Explorer 11 for Windows 8.1 and Windows Phone 8.1 uses the same engine and supports all modern web standards, which lets developers create sites and services that work equally well on different devices. For example, Internet Explorer for Windows Phone 8.1 now supports hardware acceleration for the latest (stable) WebGL specification, as well as professional-quality HTML5 video with captions, adaptive media streaming and rights management.
4 years, 8 months ago
A few days ago FireEye reported that a new 0day use-after-free vulnerability, CVE-2014-0322, in Internet Explorer 10 is being exploited by attackers to deliver malicious code (drive-by). The report emphasizes that the U.S. Veterans of Foreign Wars web site (vfw[.]org) was compromised with a malicious IFrame, which redirected users to another malicious web page, from which the vulnerability was exploited using a Flash (.swf) file.
The exploit checks for EMET on the system. If it detects the EMET library, EMET.DLL, the exploit terminates. To gain access to the memory of the browser process, the malicious SWF uses the Flash Vector object corruption method (IE10 use-after-free vuln). After all these operations, the exploit downloads a payload from a remote server, decrypts it and launches it. ESET anti-virus products detect this exploit as Win32/Exploit.CVE-2014-0332.A and the payload as Win32/Agent.QEP.
4 years, 10 months ago
Recently we wrote about the exploit protections for Internet Explorer users that Microsoft introduced with the release of the latest browser versions: IE10 and IE11 for Windows 7 x64, 8 and 8.1. The technology that implements these protections is called sandboxing, and it has been implemented in Internet Explorer since version 10 (IE10+) as "Enhanced Protected Mode" (EPM). We also noted that EPM worked differently on Windows 7 x64 and Windows 8/8.1. On Windows 7 x64, EPM forced the browser to use 64-bit processes for its tabs, which helped protect against heap spraying, the main technique for bypassing the restrictions imposed by ASLR (with a 64-bit address space ASLR had more room to place memory at arbitrary locations, and the sheer size of the virtual address space by itself made spraying considerably harder).
For IE10+ on Windows 8/8.1, EPM is implemented as full-fledged sandboxing that forced the browser to run its tabs in AppContainer mode (which is in effect a continuation of the restrictions imposed November Patch Tuesday disabled the EPM setting by default in IE for users of Windows 8/8.1.
4 years, 11 months ago
Yesterday I published a topic in which I described some surprising decisions that Microsoft made when releasing new versions of the, so to speak, Internet Explorer browser. In brief, they are:
the introduction of compatibility modes for all previously released versions of the browser, back to 5.5;
the decision to emulate this compatibility by carefully porting old bugs;
the refusal to state the browser's name in the user agent, alongside announcements that it is not necessary to detect IE11 by user agent;
the breaking of backward compatibility between the last Developer Preview and the RTM release;
different behavior, up to crashing in some situations, of the same browser under different versions of the operating system;
the maintenance of a global compatibility list containing those sites that, in Microsoft's judgement, should be displayed in one of IE's compatibility modes;
the building of this list from statistics on clicks by users of preview versions of the browser on the Compatibility View button;
the priority of this list over the X-UA-Compatible meta tag set by the web designer in the RTM build of IE11.
So, IE11 in 95 languages is already available for download. Within the next weeks, Windows 7 users will be updated automatically to the new version of IE. The update began today with those who had IE11 Developer Preview and Release Preview installed.