Rumor Busting: IE 7.0 Reduced Privileges? Not So Fast

Source: WinInfo Daily UPDATE--Short Takes--June 10, 2005

Several reports suggested this week that Microsoft Internet Explorer (IE) 7.0, which will ship this year for XP SP2, will include a feature called low rights that lets the browser operate in a safer, lower-privileges mode. That news would be wonderful, but it's not true. "While most IE 7.0 security features will be available in IE 7.0 for Windows XP SP2, low-rights IE will be available only in Longhorn because it's based on the new Longhorn security features that make running without Administrator privileges an easy option for users (User Account Protection)," Rob Franco, lead program manager for IE Security, wrote in the IE blog this week in an effort to clear up the confusion. "The primary goal of low-rights IE is to restrict the impact of a security vulnerability while maintaining compatibility. Low-rights IE doesn't 'fix' vulnerabilities, but it can limit the damage a vulnerability can do."

 

Actually we could already do reduced privilages with current XP. ( I did a post on it long time ago using a script from someone in M$ ) it is just that i can't be bothered figure out which level of user access is best for the browser.

To my testing it would be something you self config.... but that is too much hassle. Since i use firefox anyway

 

I also favour Firefox. For my project to harden XP I'll take a look at the MS script. AFAIK it reduces privileges for the administrator account. The IE 7.0 for Longhorn looks more like IE running in a sandbox which reminds me of Finjan's SurfinGuard.