1. Joined : Oct 2013
    Posts : 17,401
    64-bit Windows 10 Pro build 15007
       09 Jun 2015 #1

    HTTP Strict Transport Security comes to Internet Explorer


    In February, we released the first preview of HTTP Strict Transport Security in Internet Explorer 11 in the Windows 10 Insider Preview. The HTTP Strict Transport Security (HSTS) policy protects against variants of man-in-the-middle attacks that can strip TLS out of communications with a server, leaving the user vulnerable.

    With today’s monthly security updates (KB 3058515), we’re bringing the protections offered by HSTS to Internet Explorer 11 on Windows 8.1 and Windows 7. HSTS is also available in both Internet Explorer 11 and Microsoft Edge on Windows 10.

    Site developers can use HSTS policies to secure connections by opting in to an HSTS preload list, which registers websites to be hardcoded by Microsoft Edge, Internet Explorer, and other browsers to redirect HTTP traffic to HTTPS. Communications with these websites from the initial connection are automatically upgraded to be secure. Like other browsers which have implemented this feature, Microsoft Edge and Internet Explorer 11 base their preload list on the Chromium HSTS preload list.

    Alternatively, sites not on the preload list can enable HSTS via the Strict-Transport-Security HTTP header. After an initial HTTPS connection from the client containing the HSTS header, any subsequent HTTP connections are redirected by the browser to be secured via HTTPS.

    When we initially announced HSTS in Windows 10, we noted that mixed content is not supported on servers supporting HSTS. With today’s updates, this is still the case in Microsoft Edge on Windows 10 – mixed content is always blocked on these servers. For Internet Explorer 11 on Windows 10, Windows 8.1, and Windows 7, the Information bar will prompt the user to proceed in mixed content scenarios.

    In addition to the HSTS updates, this month’s Internet Explorer updates include 24 security fixes, which you can see detailed on TechNet for more details.

    Kyle Pflug, Program Manager, Microsoft Edge
    Source: HTTP Strict Transport Security comes to Internet Explorer 11 on Windows 8.1 and Windows 7
      My System SpecsSystem Spec

  2.    10 Jun 2015 #2

    Hi there

    Now I KNOW I'm getting old !!!! A lot of this stuff is totally meaningless to me -- perhaps I've been using Windows for far too long (I remember even Window/286 !!! before Windows 3 even).

    Good luck to those who CAN understand what's happening here -- but what does this actually mean for a Bog Standard user. !!

    So long as I can access web sites I want to and also my LOCAL media servers then that's what matters to me. !!!

    Cheers
    jimbo
      My System SpecsSystem Spec


 


Similar Threads
Thread Forum
Expectations of Internet Explorer 12
What are everyones expectations of Internet Explorer 12, I say new UI.
Browsers and Email
April 2015 security updates for Internet Explorer
Source: April 2015 security updates for Internet Explorer - IEBlog - Site Home - MSDN Blogs
Windows 10 News
Solved Explorer + no internet connection
Today i turned on my pc and the explorer.exe error appeared, i refreshed the screen and the icons appeared , but the start button didn't work , i tried to make troubleshoot but nothing... the worst part is that i can't acces the internet. Is there a...
General Support
HTTP Strict Transport Security comes to Internet Explorer
Source: http://blogs.msdn.com/b/ie/archive/2015/02/16/http-strict-transport-security-comes-to-internet-explorer.aspx
Windows 10 News
February 2015 security updates for Internet Explorer
Source: February 2015 security updates for Internet Explorer - IEBlog - Site Home - MSDN Blogs
Windows 10 News
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 15:13.
Find Us
Twitter Facebook Google+



Windows 10 Forums