Internet Explorer 9 is the latest version of the old war-horse from Microsoft which is still under development stage. It is being developed only to run on machines with Vista SP1 and above which means that Windows XP, the most used OS at present, is out of luck.

But this post is about the new and enhanced security features present in the Internet Explorer 9. Here we go…

1. InPrivate Browsing: It seems that private browsing is the order of the day. You can invoke or close it at your will. Once inPrivate browsing is invoked,  IE9 stops retaining your browsing history, temporary Internet files, data from online forms, cookies, user names and passwords.

2. InPrivate Filtering: When you visit a webpage, it is not necessary  that all the content is served from that domain only. Lots of content like advertisements, images, scripts, tracking codes etc. is served from other domains and often this is the cause of the malware infections.

InPrivate Filtering feature allows you to decide how much of this third-party content they want to experience. Once it’s enabled, InPrivate Filtering is designed to watch for and block third-party content you frequently find across the websites you visit.

3. Download Manager with SmartScreen filter Integration: SmartScreen is a URL blacklist providing malware and phishing protection. Starting with this version, Microsoft introduced SmartScreen download reputation. SmartScreen download reputation is a browser feature that uses reputation data to remove unnecessary warnings for well-known files, and shows more severe warnings when the download has a higher risk of being malicious. This reduces the problem of having the users ignoring or deactivating these warnings if they appear too often. The download manager also performs some malware checks, digital signature checks, and so on.

4. Domain highlighting: An effective measure against phishing attempts is to look in the address bar for the actual domain name of the URL. Domain highlighting feature in IE9 highlights the domain name for easy identification, which allows users quickly understand the actual address of the website. This reduces the chances of them getting fooled by the look-a-like URLs with the target phishing domain.

5. Cross-Site Scripting Filter: Cross-site scripting is a particularly nasty form of online attack that can jeopardize the personal information of website visitors. In a cross-site scripting attack the attackers inject malicious code into a website. That code can then get the attacker access to page content (even content that was secured behind a users name and password), session cookies and other information maintained by the visitor’s Web browser.

Internet Explorer 9 has a cross-site scripting filter that’s built to detect these cross-site scripting attacks. The filter is turned on by default in Internet Explorer 9; when it finds a harmful script running on a Web page it takes steps to disable the script and keep visitors to the website safe.

Despite a stiff competition from newer web browser like Google Chrome, Firefox, Opera and Safari, Internet Explorer, IE, is still the most used web browser in the world. It still accounts for more than 50% of all web browsers user in the world.

And so, the choice for the malware developers is obvious. If anytime they have to decide which browser to attack, they will choose Internet Explorer, just because it has the widest reach.

There is yet another reason also.

Internet Explorer is the default browser shipped with the most popular operating system in the world…i.e. Microsoft Windows. Out of all those people who use Internet Explorer, there is a sizable proportion of users, who use it just because they do not know about any other choice. Even if they know, they are too lethargic to try other browsers. And these ignorant and lethargic users are perceived to show same attitude towards their PC Security. They are expected to show similar attitude towards updating their software, towards using the latest version of good security software and reamining vigilant during their online attitude.

And so the target for the malware developers is obvious…the Internet Explorer.

Trend Micro Browser Guard – Free Security Add on for Internet Explorer

Sorry for getting deviated. The purpose of this post was not to discuss the vulnerabilities of IE, but to introduce a useful security add on, specially meant for IE at present.

This IE browser addon, which is developed and upgraded by the noted security vendor Trend Micro, prevents known and unknown web threats. Zero-day attacks such as Aurora and Hydraq can be proactively blocked by Browser Guard, which detects and prevents behavior associated with these types of threats.

Cybercriminals often use malicious JavaScript inserted into web pages, where attacks can take place silently, without any visible effect. Browser Guard also protects you from such attacks by analyzing and subsequently blocking malicious JavaScript. For the most advanced and efficient detection, Browser Guard communicates with the Trend Micro Smart Protection Network, bringing you the latest protection when you surf the web.

Key Benefits of Trend Micro Browser Guard

• Protects against zero day exploits
• Detects buffer-overflow and heap-spray attacks
• Protects against execution of shell code
• Analyzes and protects against malicious JavaScript
• Connects with Trend Micro Smart Protection Network to maximize detections

It is a freeware IE Security tool from Trend Micro and you can download the same from the link given below.

[Download Trend Micro Browser Guard]

A Browser Helper Object (BHO) is a DLL module designed as a plugin for Microsoft’s Internet Explorer web browser to provide added functionality. BHOs were introduced in October 1997 with the release of version 4 of Internet Explorer. Most BHOs are loaded once by each new instance of Internet Explorer.

BHO, just like the addons, enhance the functionality of Microsoft IE and make it feature rich. However, because BHOs have unrestricted access to the Internet Explorer event model, some forms of malware have also been created as BHOs. BHO seldom requires permission before performing further actions, hence it easy for malicious coders to conceal the actions of their browser addons.

How to Remove Malicious BHO Trojans

The first step towards the removal of BHO is the actual identification of the malicious BHO and the registry keys associated with it. If you can do it yourself, then you can manually remove them and get rid of the malicious BHO.

However identification of Malware BHO may be difficult. There is a tool, which can make it easy for you. BHORemover from SecurityXploded helps in quick identification and elimination of such malcious BHO’s present in the system. It not only displays detailed information about each BHO entry but also provides online verification mechanism which makes it easy to differentiate between legitimate and malicious plugins.

Current version of BHORemover comes with enhanced user interface with cool look and feel, sorting mechanism to arrange the entries based on various parameters and online verification of BHO using ProcessLibrary.com.

How does BHORemover help You Removing BHO?

All Browser Helper Objects installed on the system are stored under following registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

Each entry under this key is a CLSID which uniquely identifies particular BHO. Once you know the CLSID, more information about it can be obtained by looking for that ID under following registry key

HKEY_CLASSES_ROOT\CLSID

This will give your complete path information of the DLL associated with the BHO. From this path information, you can find out company name, file version, size, installation date etc.

To remove particular BHO, you have to remove those above mentioned entries from registry. Note that modifying the registry manually can be dangerous and leads to disastrous results if edited wrongly. It is recommended that you use BHORemover tool to remove it from the system easily and quickly.

A useful tool for fortifying your PC Security.

[Download BHORemover]