| ||||||
| Search Microsoft.com for: |
Windows XP Service Pack 2: What's New for Internet Explorer and Outlook ExpressPublished: August 4, 2004 The security features and innovations in Windows XP Service Pack 2 (SP2) with Advanced Security Technologies are all about helping users like you take a proactive approach to improving the protection of your computer, your information, and your privacy. These security improvements extend to Internet Explorer and Outlook Express, and give you new, easier ways to better protect your computer while you browse or use e-mail. Safer Browsing with Internet Explorer. The improvements in Internet Explorer for Windows XP SP2 can help to:
Safer E-Mail Handling with Outlook Express. The Outlook Express improvements in Windows XP SP2 can help to:
Continue reading to learn more about each of these security improvements and how they can help you better protect your computer. Safer Browsing with Internet ExplorerWith Internet Explorer in Windows XP SP2, you'll get some very noticeable new benefits such as fewer pop-up ads and greater protection against harmful downloads. Internet Explorer makes it easier for you to make informed decisions and take action to help reduce security risks to your computer. Less visible, but just as important, are some powerful new security defenses for your computer. With an improved security infrastructure, Internet Explorer blocks unruly windows and helps to defend your PC by drawing tighter security around it. In addition, there are several other security enhancements that help to protect your computer—although you might need to be a developer to fully understand the details. These security enhancements include things such as zone elevation blocks and changes to object caching—serious sounding names for serious security protections. Tip To learn more about any of the features mentioned in this section, you can read more technical information on the TechNet site. Block Pop-up AdsThe Pop-up Blocker, new to Internet Explorer in Windows XP SP2, can prevent most unwanted pop-up (or pop-under) windows from appearing. The Pop-up Blocker is smart enough to not block pop-up windows that you open deliberately by clicking a link—for example, if you were on a travel reservation site and you clicked a link to open a pop-up window containing your confirmation details, this pop-up window would not be blocked because you opened it intentionally. When a pop-up ad is blocked, you'll see a notification in the Information Bar, which is also new to Internet Explorer. When you click the Information Bar, you'll have access to the pop-up blocker settings that let you view the pop-up or configure other options. ![]() The Information Bar in Internet Explorer lets you know when it has blocked a pop-up ![]() Click the Information Bar to open pop-ups and change Pop-up Blocker settings Tip Read Block Pop-up Windows with Internet Explorer to learn more about what you can do with it—for example, you can adjust the settings to turn off the sound when Internet Explorer blocks a pop-up. You can get more technical background about the Pop-up Blocker on the TechNet site. Help to Protect Your PC from Potentially Harmful DownloadsIf a site attempts to download a program to your computer without your authorization, Internet Explorer in Windows XP SP2 uses the Information Bar to let you know. The Information Bar shows up to notify you, and then it disappears when you move on to another Web page. ![]() The Information Bar appears when a Web site tries to download a file that you did not request To find out what actions you can take, simply click the Information Bar to bring up a context-sensitive menu (as shown in the following image). The menu contains a link to Help where you can find more information about the notification. ![]() Click the Information Bar to see what actions you can take Tip To learn more about the Information Bar, read Use the Internet Explorer Information Bar. You can also get more technical background about the Information Bar on the TechNet site. Help to Protect Your PC when Saving Potentially Damaging FilesA file you download from the Web—for example, a game, a picture, or even a program—can be just what you bargained for, or it can be a vehicle for more malevolent intent. For this reason, Internet Explorer has stepped up its scrutiny of any file you begin to download, open, or save from the Web. Internet Explorer checks to see whether the file is the type of file it says it is and provides strong warnings if there are irregularities in how the file describes itself or if there seems to be a potential for harm based on the particular type of file (as shown in the following image). Internet Explorer also offers more concise information to help you understand the implications of opening or saving a file. ![]() Example of an Internet Explorer security warning
Block Downloads from Specific PublishersSome publishers will go to great lengths to have users install their programs. You may have experienced a situation in which you were repeatedly prompted to install a program that you didn't want or didn't trust. Perhaps you even installed the program just to get the prompts to go away. Now, Internet Explorer helps you to avoid this situation. With a simple click of the mouse, you have the option of automatically preventing certain programs from being installed or run on your computer. This includes an option to block all software from a specific publisher. ![]() Now you can tell Internet Explorer how to handle downloads from a specific publisher Control Add-ons Using Add-on ManagerAdd-ons are special programs that extend the capabilities of Internet Explorer, such as search toolbars, games, or programs that let you view Web sites offline. In many cases, they are useful and can enhance your Web browsing experience. But add-ons can also be annoying or even invade your privacy, particularly when they are installed without your consent. For example, an advertising company can use an add-on to display pop-up ads or to track your browsing behavior. Add-ons can also be a source of Internet Explorer crashes and performance issues. But until now, it's been difficult for users to take action. The Add-on Manager tackles these issues by providing a list of add-ons already installed on your computer and used by Internet Explorer, including add-ons that may be otherwise difficult to detect. You can use this list to enable or disable each add-on individually. ![]() Use the Add-on Manager to disable or enable individual add-ons The Add-on Manager also detects add-on-related crashes in Internet Explorer. When Internet Explorer successfully identifies one, you'll get the option to disable the add-on, which could help to improve the overall stability of Internet Explorer. Tip For more information about how to enable, disable, and otherwise manage Add-ons, read Help Block Dangerous Content with the Internet Explorer Add-on Manager. You can also get more technical background about the Add-on Manager on the TechNet site. Prevent Unruly Browser WindowsHave you ever been in a situation where a browser window covered up everything on your screen, including the Internet Explorer controls, and you weren't sure what to do? Perhaps you even turned off your computer because you were rightfully concerned that something malicious was going on. Internet Explorer has put a stop to this behavior by prohibiting Web sites from running scripts that resize or reposition your browser windows. (A script is a program or sequence of instructions that another program carries out.) So no matter how the script directs a window to behave, Internet Explorer overrides the script's direction and fits the window neatly into your screen with all its usual controls. Tip You can get more technical information about these restrictions on browser windows on the TechNet site. Help to Protect Your PC with Stronger Zone DefenseAs a security measure, Internet Explorer corrals all Web sites on the Internet into a single zone—the Internet zone—and applies a certain level of security protection which helps you to browse more securely. Internet Explorer will prompt you before you download content that it identifies as potentially unsafe. Internet Explorer also specifies four other zones, including Trusted and Restricted zones, to which you can assign Web sites either that you trust completely, such as Microsoft Update, or that arouse your suspicion. It also assigns your hard disk to the Local Machine zone (although this zone is not displayed in the settings for Internet Explorer). When you open a Web page, Internet Explorer restricts the actions a page can take based on the zone of the Web page—Internet, Restricted, and so on. For example, Web pages that are located in the Internet zone (as most pages are, by default), might not be able to perform some operations, such as accessing information from the local hard drive. In previous versions of Internet Explorer, your hard drive (or Local Machine zone) was considered to be secure, and content in this zone was allowed to run with relatively few security restrictions. However, attackers often tried to take advantage of these low restrictions to compromise computers. In Windows XP SP2 this changes. Internet Explorer applies strong security settings to the Local Machine zone to help protect against some common types of attacks, such as the running of a harmful download or a malicious script. Tip Read more about security zones and how you can use them to increase your browsing security in Working with Internet Explorer 6 Security Settings. You can also go to the TechNet site to get more technical information about how Internet Explorer helps to secure your machine. Safer E-Mail Handling with Outlook ExpressOutlook Express in Windows XP Service Pack 2 (SP2) helps you assess the likely safety of attachments. It also helps to keep you from unwittingly validating your e-mail address to spammers by blocking images in e-mail. Defend Against Suspect AttachmentsMillions of people opened an e-mail that said "I love you" even though it came from business associates they barely knew. Millions of people opened what they thought was an image of a tennis star. And, as we know, millions of people infected their computers, their networks, and their friends' computers with viruses which, when activated, mailed themselves to many of the contacts listed in the infected computers' address books. Many viruses (and their ugly relatives, worms) spread through file attachments in e-mail messages. Virus writers capitalize on people's curiosity and willingness to accept files from people they know or work with, in order to transmit malicious files disguised as or attached to benign files. New security technologies in Windows XP SP2 help to reduce the spread of viruses through e-mail. Now, Outlook Express calls upon the Attachment Manager to help you make smarter choices when you receive e-mail attachments.
Another benefit of Attachment Manager is that it is built on public code (API) that is available to any programmer to use to add safe, consistent attachment handling to the software programs they create. This can benefit you by providing a more consistent experience with attachments and minimizing the potential for confusion. Increase Protection from SpamPictures and images embedded in HTML e-mail messages can be adapted to secretly send a message back to the sender. These are often referred to as Web beacons. Spammers rely on information returned by these images to confirm active e-mail addresses. Some spam messages contain Web beacon images so small that they are invisible to the human eye—but not to Outlook Express. An improved defense against Web beacons is to stop pictures from downloading until you've had a chance to review the message. Outlook Express in Windows XP SP2 will now block images automatically in messages from people who are not in your address book. This goes a long way in preventing the verification of your e-mail address for spammers. It makes your e-mail name less useful to spammers and may result in your getting less spam over time. ![]() Example of how Outlook Express shows blocked pictures—you can click to open them if you trust the source, for example an airline newsletter or an electronic invitation from a friend This feature also minimizes a common annoyance for those using dial-up network connections. In earlier versions of Outlook Express, if you read an HTML e-mail message with a picture embedded in it, Outlook Express would automatically try to connect to the Internet to retrieve any reference images. With image blocking in Outlook Express, this will no longer happen. Tip The issues with embedded pictures occur for those reading messages in HTML mode. You also have the option to read or preview incoming messages in plain-text mode to avoid some of these security issues. (Note, however, that you lose the ability to change the look of text—font, color, font size, and so on—when you are in plain-text mode.) To find out how to do this, read Use the New Security Features in Outlook Express. Also, you can read E-Mail Handling Technologies for more technical information. ConclusionWindows XP Service Pack 2 with Advanced Security Technologies is all about helping you take a proactive approach to improving the protection of your computer, your information, and your privacy. The Internet Explorer and Outlook Express enhancements, including pop-up ad blocking and protection from potentially harmful downloads and attachments, will help you to enjoy new, easier ways to protect your computer while you browse the Web and use e-mail. |