Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

10/31/2006
06:10 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

IE7 Feature Goes Buggy

If your IE7 browser starts scarfing CPU when you hit Ajax-laden sites, you may need to disable your anti-phishing filter

The new and much-anticipated anti-phishing filter in Microsoft's Internet Explorer 7 browser may slow your PC's performance when you visit some Ajax-heavy sites, according to a Microsoft developer.

The workaround for the problem is to add the affected sites to "trusted sites" and then disable IE7's anti-phishing feature in the trusted sites zone as well if necessary, Microsoft developer Junfeng Zhang said in his Microsoft Software Developers Network (MSDN) blog. Ajax-heavy sites include Windows Live Mail Beta, Yahoo Mail Beta, Google Reader, and Microsoft Outlook Web Access, he says.

Microsoft's IE7 team is looking into the possible performance problem, according to a Microsoft spokesperson. "As a policy, Microsoft does not recommend turning off the phishing filter's protection, but if customers want to customize performance on certain sites they can add sites to the trusted sites zone and turn off the phishing filter in the trusted sites zone," the spokesperson says.

What do you mean, disable anti-phishing in IE7?

Anti-phishing is one of the hot new features Microsoft added to its browser, and it's already considered a must-have in today's phishy Web climate. Randy Abrams, director of technical education for Eset, who has been implementing IE7 himself recently, says you shouldn't disable the anti-phishing filter unless you experience any problems with these sites.

"If disabling the anti-phishing filter does not solve the problem, then re-enable it immediately," he says. "Set up a reminder to re-enable the filter so that if a patch is issued that fixes the problem, you will remember to re-enable the filter."

Given that the complex Ajax technology is still fairly new on Websites, Abrams says, it's not surprising to be finding such glitches with it.

One MSDN blog participant had already suggested that rather than disable the anti-phishing filter, you could add the Ajax-heavy sites as "trusted sites." That would preclude the filter from getting bogged down on the sites.

Disabling the IE7 anti-phishing filter requires restarting the browser as well, according to Zhang's blog.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

  • Microsoft Corp. (Nasdaq: MSFT)

    Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Sodinokibi Ransomware: Where Attackers' Money Goes
    Kelly Sheridan, Staff Editor, Dark Reading,  10/15/2019
    Data Privacy Protections for the Most Vulnerable -- Children
    Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
    7 SMB Security Tips That Will Keep Your Company Safe
    Steve Zurier, Contributing Writer,  10/11/2019
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win a Starbucks Card! Click Here
    Latest Comment: The old using of sock puppets for Shoulder Surfing technique. 
    Current Issue
    7 Threats & Disruptive Forces Changing the Face of Cybersecurity
    This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
    Flash Poll
    2019 Online Malware and Threats
    2019 Online Malware and Threats
    As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2019-8216
    PUBLISHED: 2019-10-17
    Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .
    CVE-2019-8217
    PUBLISHED: 2019-10-17
    Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
    CVE-2019-8218
    PUBLISHED: 2019-10-17
    Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .
    CVE-2019-8219
    PUBLISHED: 2019-10-17
    Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
    CVE-2019-8220
    PUBLISHED: 2019-10-17
    Adobe Acrobat and Reader versions, 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .