1 / 17

Internet Explorer 7

Internet Explorer 7 Advice for the NHS using NPfIT Applications September 2006 Agenda Summary Advice for the NHS IE7 Upgrade Process Options IE7 Security Features Summary Advice for the NHS If you use NPfIT applications provided by an LSP or NASP Don’t install IE7 yet

richard_edik
Download Presentation

Internet Explorer 7

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Internet Explorer 7 Advice for the NHS using NPfIT Applications September 2006

  2. Agenda • Summary Advice for the NHS • IE7 Upgrade Process Options • IE7 Security Features

  3. Summary Advice for the NHS • If you use NPfIT applications provided by an LSP or NASP • Don’t install IE7 yet • Install the Blocker to prevent WU automatically upgrading systems to IE7 • Test all your own critical applications with the latest version of IE7 available • Wait until your LSP confirms that all NCRS/NPfIT applications are compatible • If you don’t yet use NPfIT applications provided by an LSP or NASP • Don’t install IE7 yet • Install the Blocker to prevent WU automatically upgrading systems to IE7 • Test all critical applications with the latest version of IE7 available

  4. IE7 Upgrade Process Options

  5. New Features Tabbed browser RSS Page zoom More Manageable Group Policy settings Enhanced Security Only available on Windows XP SP2 Windows Server 2003 SP1 IE7 Beta known to break some NCRS applications Upgrade to IE7? Minus Plus

  6. Other Windows Versions • All versions of Windows prior to XP SP2 should continue to run IE6

  7. IE7 Automatic Upgrade Microsoft treating IE7 as a “Hot Fix” to IE6 When released IE7 will be a High Priority Update on Windows Update (WSUS) It will be automatically installed on clients using Windows Update (WSUS) Some NCRS/NPfIT applications are known not to work with IE7 beta How do we prevent the automatic install of IE7?

  8. Preventing the Upgrade If using WSUS, SUS or SMS to deploy updates Do not approve the IE7 update If manually using Windows Update (from Start menu) Tools available to prevent the IE7 update being applied Download from Microsoft Web site as a toolkit from http://go.microsoft.com/fwlink/?linkid=65788 Where users have Local Administrator rights Either remove those rights (unlikely) or provide advice & guidance

  9. Disabling Delivery of IE7 Will prevent machines receiving IE7 as a high-priority update via Automatic Updates and the “Express” install option on the Windows Update and Microsoft Update sites. The Blocker Toolkit will not expire Will NOT prevent manual installations of IE7 as a Recommended Update from the Windows Update or Microsoft Update sites, from the Microsoft Download Center (sic), or from external media. Erroneous IE7 installations can be uninstalled using Add/Remove Programs

  10. How the Toolkit works Blocker script sets a registry setting on a computer Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Setup\7.0 Key value name: DoNotAllowIE70 Value set to 1 to block install Script run asIE70Blocker.cmd [<machine name>] [/B] [/U] [/H] Group Policy template ADM file also supplied

  11. New Features of IE 7

  12. IE7 Security Features Protect the machine Protect the user against misleading downloads and websites

  13. Protect the Machine Unified URL parsing URLs passed as strings may be parsed inconsistently through the stack Special characters complicate URL parsing http://www.good.com@bad.com Cross-domain security enhancements Limit scripts on web pages from interacting with content from other domains or windows Code quality improvements to reduce buffer overruns

  14. Protect the Machine ActiveX Opt-in IE6 blocked signed ActiveX controls with the Information bar,but pre-installed controls would run silently IE7 blocks pre-installed ActiveX controls with the Information bar on first run (or via Add-on Manager) Protected Mode (Microsoft Windows Vista only) IE7 runs in isolation from other applications Cannot write beyond Temporary Internet Files without user consent

  15. Protect the User Download scanning with Windows Defender Phishing Filter High-assurance SSL and address bar Address bar shown in all windows Colour of address bar indicates potential threat

  16. Protect the User Dangerous settings notification "Fix My Settings" feature – warns when your Internet settings may be unsafe and resets them Secure defaults for IDN (International Domain Names) Warns when visually similar characters in URL are not in same language Parental controls (Windows Vista only) Can restrict access Logs sites browsed

  17. http://www.microsoft.com/windows/ie/ie7/about/features/default.mspxhttp://www.microsoft.com/windows/ie/ie7/about/features/default.mspx http://blogs.msdn.com/ie Toolkit to block upgrade to IE7 http://go.microsoft.com/fwlink/?linkid=65788 Resources & further information

More Related