Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: HTTP Strict Transport Security comes to Internet Explorer 11

09 Jun 2015   #1
Brink

64-bit Windows 10 Pro
 
 
HTTP Strict Transport Security comes to Internet Explorer 11

Quote:
In February, we released the first preview of HTTP Strict Transport Security in Internet Explorer 11 in the Windows 10 Insider Preview. The HTTP Strict Transport Security (HSTS) policy protects against variants of man-in-the-middle attacks that can strip TLS out of communications with a server, leaving the user vulnerable.

With today’s monthly security updates (KB 3058515), we’re bringing the protections offered by HSTS to Internet Explorer 11 on Windows 8.1 and Windows 7. HSTS is also available in both Internet Explorer 11 and Microsoft Edge on Windows 10.

Site developers can use HSTS policies to secure connections by opting in to an HSTS preload list, which registers websites to be hardcoded by Microsoft Edge, Internet Explorer, and other browsers to redirect HTTP traffic to HTTPS. Communications with these websites from the initial connection are automatically upgraded to be secure. Like other browsers which have implemented this feature, Microsoft Edge and Internet Explorer 11 base their preload list on the Chromium HSTS preload list.

Alternatively, sites not on the preload list can enable HSTS via the Strict-Transport-Security HTTP header. After an initial HTTPS connection from the client containing the HSTS header, any subsequent HTTP connections are redirected by the browser to be secured via HTTPS.

When we initially announced HSTS in Windows 10, we noted that mixed content is not supported on servers supporting HSTS. With today’s updates, this is still the case in Microsoft Edge on Windows 10 – mixed content is always blocked on these servers. For Internet Explorer 11 on Windows 10, Windows 8.1, and Windows 7, the Information bar will prompt the user to proceed in mixed content scenarios.

In addition to the HSTS updates, this month’s Internet Explorer updates include 24 security fixes, which you can see detailed on TechNet for more details.

Kyle Pflug, Program Manager, Microsoft Edge
Source: HTTP Strict Transport Security comes to Internet Explorer 11 on Windows 8.1 and Windows 7


My System SpecsSystem Spec
.
Reply

 HTTP Strict Transport Security comes to Internet Explorer 11




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Latest Internet Explorer security update
Hi everyone.... I hope someone can explain this to me. When I clicked on the iconfor "new updates available) there was "security update for Internet Explorer 9 for Windows 7 64 bit KB2964358" When I clicked on the "more information" it states that the know issue is that IE will crash if...
Windows Updates & Activation
Internet Explorer 9 Certificate Security
Hello When i use certain Secure* Web Sites Internet explorer pops ups always Security Certificate Error.How i can disable it? I update to the latest Certificates but prpoblem still exist. Windows 7 64bit i7 3.06 12 gb ATI radeon 6870
Browsers & Mail
Internet Explorer Enhanced Security
Do you know how to turn this off in Windows 7?
Browsers & Mail
Internet Explorer’s ActiveX Security Mitigations in Use
More...
News


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 21:30.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App