Microsoft adds NoScript or XSS filter to Internet Explorer 8

     Microsoft has stepped up their game again in order provide better protection to Internet Explorer users against Cross-Site Scripting (XSS). They have added XSS Protection to Internet Explorer 8. With this new layer of protection Internet Explorer is once again a secure web browser. This comes as great news to anyone who uses IE and wants to have great security features. Firefox also has an this technology which comes as an add-on to Firefox called NoScript.

There is still a key point that separates NoScript from the XSS Filter that was added to Internet Explorer. The key point, is how it works!

• The XSS Filter added to Internet Explorer is only a black list. Meaning the things that Internet Explorer does block are going to be known and high risk XSS attacks. Leaving that tiny bit of room for the ones that are unknown or not that high of a risk, at the moment. Not to mention the XSS Filter in Internet Explorer only protects you from XSS (cross-site scripting) attacks.

• The NoScript plugin added to Firefox on the other hand plays a different role. Not only does NoScript protect your from XSS Attacks. NoScript by default blocks every website you visit from running Scripts. This extra layer of protection protects you from a list of other attacks that are carried out using scripts. If you are blocking scripts by default until you allow them for a certain site, then no attack ever takes place.

    Microsoft has released the new feature in version 8 of the Internet Explorer. This will set a new standard in web browser security. It seems that after Firefox and Internet Explorer implement a new security feature that other browsers will follow.

    ASG has tested and approves of Internet Explorer 8 for use.

    Get Internet Explorer 8

WARNING: Internet Explorer 8 may not work with every website perfectly just yet. In case you run into an issue, keep in mind you can use Firefox, Comodo Dragon, Chrome or Avant web browsers for websites that do not yet fully work with Internet Explorer 8.(NOTE: using Chrome or Avant will be less secure than using Firefox or Internet Explorer)

HOW TO TEST IE 8 XSS Filter:

• Open Internet Explorer 8
• Type a basic script into your address bar and hit go. Example: the word "script" with greater than and less than symbols of each side of it. 
• You should get a Yellow Information bar saying "Internet Explorer modified this page to prevent a potential cross-site scripting attack. click here for more information..."

HOW TO DISABLE IE 8 XSS Filter: (ASG does not Recommend Disabling this Feature)

• Open Internet Explorer 8
• Click on the Tools Menu,
  
• Click on Internet Options
• Click on the ‘Security’ tab
• Under the Security Tab, click on the ‘Internet’ Icon (it looks like a picture of earth)
  
• After selecting the Internet Icon, click on the ‘Custom Level’ button at the bottom
• Scroll down the list of settings and click ‘Disable’ in the Enable XSS Filter option
• Click OK to apply the setting and then you can close out of the Internet Options and Relaunch Internet Explorer to be Sure the settings are saved and applied