The colored address bar is designed to be a sign that a specific site can be trusted, giving people the green light to carry out transactions there. It is a weapon in the fight against phishing scams, which use fraudulent Web sites.
High Impact

The idea is among the draft guidelines created by the CA Browser Forum, an organization comprised of companies that issue certificates for Web sites and major browser makers. Last week, Microsoft decided to adopt that draft version for IE 7, released last month. It plans to add the functionality in January.

A primary concern is to help the targets of online scams, said Markellos Diorinos, a product manager for Windows at Microsoft. “If you look at the phishing problem today, it is usually about all the big brands that get hijacked,” he said. “We addressed the problem that we have at hand today, and that was one very important thing for us.”

The new version is the first upgrade to the web browsing program for more than five years.

New features include tabbed browsing, the ability to search the net directly and an anti-fraud system to thwart phishing attacks.

The new program is available as a free download on 19 October, but many will get it as an automatic update to Windows XP in November.

Firefox accounted for 12.5 percent of September’s global browser market, said Aliso Viejo, Calif.’s Net Applications. That’s an increase from August’s 11.8 percent, which was up from the 11.3 percent in July. Internet Explorer’s share slipped to 82.1 percent in September, down from August’s 83 percent.

Also making gains was Apple Computer’s Safari browser, which by the end of September was up from 3.2 percent to 3.5 percent. Safari’s September numbers were its highest since April.

“Internet Explorer continues to lose market share with Firefox and Safari showing a steady increase over the past 9 months,” said Net Applications in a statement.

HD Moore, co-founder of the Metasploit Framework, has launched a new project called MoBB (Month of Browser Bugs) with daily releases of proof-of-concept code for flaws in Internet Explorer, Firefox, Safari, Opera and Konqueror.

“We will publish a new browser hack, every day, for the entire month of July. The hacks we publish are carefully chosen to demonstrate a concept without disclosing a direct path to remote code execution,” Moore said in a blog entry announcing the project.

So far, four flaw warnings have been posted with accompanying exploit code. Three of the four pertain to Microsoft’s dominant IE browser.

GreenBorder Technologies, a venture-backed start-up, plans to release on Tuesday a consumer security tool that puts Microsoft’s IE in a virtual sandbox. Called GreenBorder Pro, the product uses virtualization technology similar to what researchers at antivirus companies have been using for years. In a virtual environment, malicious software is allowed to execute, but it can’t touch the underlying operating system.

“We provide a safe environment for running IE,” said Jim Fulton, vice president of marketing at Mountain View, Calif.-based GreenBorder. “You can literally go to any Web site, even if it is full of exploits, full of nasty stuff, (and) GreenBorder will keep it isolated from your machine.”

Microsoft’s IE is by far the most popular Web browser, used by about nine out of every 10 Web users. However, some security experts have likened it to Swiss cheese, because of the many security flaws in it. The browser has been the target of many cyberattacks, and some Web surfers have switched to alternatives Firefox and Opera.