06-09-2017, 11:25 AM
Browser security is the application of Internet security to web browsers in order to protect network data and computer systems from infringements of privacy or malware. Security vulnerabilities in browsers often use JavaScript, sometimes with cross-site scripting (XSS), sometimes with a secondary upload using Adobe Flash. Security vulnerabilities can also exploit the vulnerabilities (security holes) that are commonly exploited in all browsers (including Mozilla Firefox, Google Chrome, Opera, Microsoft Internet Explorer and Safari).
Browsing the Internet as a less privileged user account (that is, without administrator privileges) limits the ability of a security vulnerability in a web browser to compromise the entire operating system.
Internet Explorer 4 and later enables the blacklist and whitelist of ActiveX controls, plugins, and browser extensions in a variety of ways.
Internet Explorer 7 added "protected mode," a technology that hardens the browser through the application of a Windows Vista security feature called Mandatory Integrity Control. Google Chrome provides a limited environment to limit access to the web page to the operating system.
Suspected malware sites reported to Google, and confirmed by Google, are designated as hosting malware in certain browsers.
There are third-party extensions and add-ons available to toughen even the most recent browsers and some for older browsers and operating systems. Whitelist-based software such as NoScript can block JavaScript and Adobe Flash, which is used for most privacy attacks, allowing users to choose only sites that they know are safe. AdBlock Plus also uses subscriptions to whitelist ad filtering rules. filter list maintainers have come under noncompliance controversy by allowing some sites to pass pre-set filters. US-CERT recommends blocking Flash using NoScript.
Browsing the Internet as a less privileged user account (that is, without administrator privileges) limits the ability of a security vulnerability in a web browser to compromise the entire operating system.
Internet Explorer 4 and later enables the blacklist and whitelist of ActiveX controls, plugins, and browser extensions in a variety of ways.
Internet Explorer 7 added "protected mode," a technology that hardens the browser through the application of a Windows Vista security feature called Mandatory Integrity Control. Google Chrome provides a limited environment to limit access to the web page to the operating system.
Suspected malware sites reported to Google, and confirmed by Google, are designated as hosting malware in certain browsers.
There are third-party extensions and add-ons available to toughen even the most recent browsers and some for older browsers and operating systems. Whitelist-based software such as NoScript can block JavaScript and Adobe Flash, which is used for most privacy attacks, allowing users to choose only sites that they know are safe. AdBlock Plus also uses subscriptions to whitelist ad filtering rules. filter list maintainers have come under noncompliance controversy by allowing some sites to pass pre-set filters. US-CERT recommends blocking Flash using NoScript.