Symantec unveils Browser Defender in its 2008 consumer security software

Symantec has launched new editions of its consumer Norton AntiVirus and Norton Internet Security (NIS) software, adding new browser defences for some users in both packages and wrapping features from its new identity initiative into the suite.

The 2008 versions boast several new features and enhancements, including something that Symantec is calling Browser Defender, which is behavioural-based technology that inspects all ActiveX, JavaScript and VBScript code executing within Microsoft's Internet Explorer browser.

"It provides zero-day protection in the browser," said Ed Kim, the director of product management for Symantec's consumer products group, "but not just IE. It protects against attacks on any third-party application run within the browser, like QuickTime or Adobe [Reader]. Anything that has an ActiveX component."

Browser Defender, which is integrated within both Norton AntiVirus 2008 and Norton Internet Security (NIS) 2008, is also able to see through attack code obfuscation techniques, claimed Kim. "Other security [applications] rely on a few simple de-obfuscation routines or look at the script itself. But we will wait until the threat uncloaks, then look at the [API] call before that call is made."

Out of the gate, Browser Defender only protects users running Internet Explorer. Firefox users will have to wait. "We went with IE, given that it's the most prevalent browser," Kim said. Firefox support is in what Kim dubbed "the planning stage," with no timetable yet set.

Other new features in NIS include Norton Identity Safe, the new name of the tool that Symantec has called Norton Identity Client since its January debut at the Demo 07 conference. Part of the company's long-range plan to move into identity protection, the addition to NIS is a first-generation effort to offer a tool that lets users control what information is transmitted to websites and fills in forms and password fields automatically.