Microsoft IE9 RC Arrives With Improved Privacy, Security Features

Microsoft's Internet Explorer 9 Release Candidate has a number of enhancements aimed at improving privacy and security controls.

Microsoft's Internet Explorer 9 Release Candidate arrived Feb. 10 with privacy and malware protections built in to protect users.

At the forefront of those features is the new TPL (tracking protection list), which enables users to choose to visit only certain Websites if they click on a link or type in the address. The feature is meant as a privacy protection against online behavioral tracking. By limiting the calls to these Websites and resources from other Web pages, the TPL limits the information these other sites can collect.

"IE9 enables consumers to express their preference for privacy, and also gives consumers a mechanism to enforce specific aspects of that preference," blogged Dean Hachamovitch, corporate vice president for Internet Explorer at Microsoft. "Consumers can do this by choosing Tracking Protection Lists from organizations they trust. These lists can block and allow third-party content in order to control what information consumers share with sites as they browse the Web."

The TPL feature is Microsoft answer to calls for better controls to block tracking online. Other browser vendors are making plays as well. Mozilla recently added a "Do Not Track" HTTP header to the latest beta release of Firefox 4, while Google released an extension called "Keep My Opt-Outs." However unlike other solutions, IE9's benefits users even if Websites do not respect the user's preference not to be tracked, Hachamovitch wrote.

Also new in the release candidate is an ActiveX Filter that gives users more control over ActiveX controls. ActiveX has long been a source of criticism by security researchers due to vulnerabilities and exploits taking advantage of the technology. According to Microsoft, in IE9, the filter makes it easy to turn off ActiveX for all sites, and then re-enable it site by site.

Other security features in IE9 include integration between the SmartScreen Filter and Download Manager. The SmartScreen Filter was introduced in IE8, and works by checking Websites against a list of known phishing sites as well as sites that may contain malware. The integration with Download Manager in IE 9 is meant to use reputation to remove unnecessary warnings for well-known files and show more severe warnings when the download has a higher risk of being malicious, Microsoft has said.

"On today's Web, consumers are increasingly wary, often out of necessity," blogged Hachamovitch. "They face security risks like malicious sites and phishing scams. Even on sites consumers know and trust, bad things often happen. It's easy to almost follow a bad link from a friend on Facebook, or become a victim of malvertising when a malicious advertisement appears on an otherwise trustworthy site."