The one caveat is that if controls are installed by a
page using a CAB file, the user will have to Opt-in to install the Cab file. Controls in the
preapproved list as well as controls used previously under IE 6 (in the case of an upgrade
244
from IE 6) can still run without Opt-In protections. Controls that are on the preapproved
list but not installed on the machine yet will still have to go through the approval process
to be installed on the system.
This feature is intended to help mitigate ???drive-by??? web attacks by eliminating silent
execution of the many legacy ActiveX controls that, while still installed, may never be
actually used by the legitimate sites a user visits. It remains to be seen how effective this
will prove in actually preventing attacks, but it is a worthy effort at attack surface
reduction.
SSL Protections
IE 7 enforces stronger SSL requirements for HTTPS connections. If a problem occurs with
an SSL certificate from a web site, rather than just popping up a cryptic and easily ignored
message box, IE 7 will interrupt the transaction with an entire web page warning the
user that he or she should not proceed. Specifically, the error states ???There is a problem
with this website??™s security certificate??¦ We recommend that you close this web page
and do not continue to this web site.
Pages:
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424