Microsoft explained the latest Internet Explorer 10 security features in a detailed blog post.
Microsoft blog runs through security improvements in Internet Explorer 10
We covered recently the changes in the presentation of Internet Explorer 10, and it’s performance improvements. Now we’re taking a look at how secure IE 10 actually is.
Over at the Microsoft blog, they say that Internet Explorer 10 features big improvements in memory protection which in turn makes vulnerabilities harder to exploit. Apparently, these improvements will increase the “difficultly and development cost of exploits” which in theory should reduce attacks.
The blog goes on to say that improved memory protection effectively acts as a buffer, providing a “front line of defense” to block attackers. Memory protections can also terminate a browser process and prevent the attacks before they’re complete.
IE 10 also features run time mitigations. As the blog says, these allow the operating system to participate in keeping the browser secure.
The basic function is that some memory pages will be marked as non executable, and the processor will not run that code. To get around that, attacks may attempt to run their own code. Still, the memory marked as not executable will prevent the attacker’s from running.
IE 10 goes under revamp
Microsoft also talked about the ‘front-end’ side of Internet Explorer 10, specifically how the introduction of Metro in Windows 8 has changed the browser.
First, the blog talked about how the browser has gone under a redesign: IE 10 now goes full screen when being used, with the new Metro interface removing all distractions – such as the address bar when not being used – to create the best experience possible for users.
Second, Microsoft talked about how Internet Explorer 10 has been built with touch in mind. Not only does the browser feature a new touch keyboard that can be used with keyboard and mouse or touch, but the browser’s performance when pinching to zoom and scrolling through pages is better than ever (as mentioned in the previews). This is particularly evident when using IE 10 on tablets.
Third, the browser now has integration into the Windows Store. Visiting an app’s website in the browser, such as Cut the Rope as mentioned on the blog, will produce a prompt allowing users to download the app from the Store.