Your Browser Matters: Microsoft’s new website was created to show you how your browser helps keep you secure online.
Key Security Features:
- Does the browser help protect you from websites that are known to distribute socially engineered malware?
- Does your browser provide a distinct warning when you download an application that is of higher risk but not yet confirmed as malware?
- Does the browser have a feature that can help protect you from phishing sites?
- Does your browser help you identify the domain you’re on by distinguishing it within the URL?
Attacks on your browser
- Does the browser have the ability to restrict an extension or a plugin on a per site basis?
- Does the browser have a system for auto updating browser extensions?
- Does the browser process utilize Windows Protected Mode or implement a similar mechanism such that browser processes cannot modify parts of the system that it doesn’t have access to?
- Does the browser extend the sandbox such that it cannot read data from parts of the system that it doesn’t have access to?
- Does the browser benefit from Windows Operating System features that protect against arbitrary data execution?
- Does the browser benefit from Windows Operating System features that randomize the memory layout to make it harder for attackers to find their target?
- Does the browser benefit from Windows Operating System features that protect against structured exception handling overwrite attacks?
Attacks on websites
- Does the browser automatically block insecure content from secure (HTTPs) pages?
- Does the browser filter out scripts on the client to help protect against XSS attacks?
- Does the browser implement content security policy that websites can use to mitigate XSS and CSRF attacks?
Can the browser sanitize HTML to remove potentially problematic code?
- Does the browser have features that websites can take advantage of to help protect you from cross site request forgery attacks, also known as “click jacking”?