Microsoft SmartScreen enhanced in Windows 10 to protect users from drive-by attacks



Microsoft has announced that it has updated its SmartScreen phishing and malware filtering technology for Internet Explorer 11 and Microsoft Edge in Windows 10 to protect users from drive-by attacks.

A drive-by attack, unlike traditional forms of malware delivery, occurs without user interaction by targeting users who merely visit webpages, and may also leverage zero-day exploits. In addition to protecting users from drive-by attacks, Microsoft has stated that the updated version of SmartScreen may also protect users from zero-day exploits—such as the 'HanJuan EK' exploit that was discovered last year, which exploited a vulnerability in Adobe's Flash Player software—even before a patch is made available.

The new drive-by protection feature in SmartScreen is, according to Microsoft, the result of data collected over the course of a year by a variety of data sources, including Bing, the Enhanced Mitigation Experience Toolkit (EMET), Internet Explorer, Microsoft Edge, SmartScreen, and Windows Defender.

The new frame blocking experience in SmartScreen does not obscure webpages.

In addition to offering protection from drive-by attacks, the user experience in the latest update to SmartScreen has been enhanced. As shown in the screenshot posted above, when a potentially malicious frame is detected in a webpage, only the frame itself will be blocked. Previous versions of SmartScreen obscured entire webpages with a warning when a potentially malicious frame was detected—even if the webpage itself was not malicious—inconveniencing users.

While the aforementioned improvements to SmartScreen should make browsing the web a safer and more enjoyable experience for users of Microsoft's web browsers, they have arrived at a time where users are switching to alternative browsers. And even with these improvements, Microsoft has cautioned that users should regularly install all available security updates as soon as possible.

Source: Microsoft | Image: Microsoft

Report a problem with article
Previous Story

UK's largest mobile network, EE, recalls all of its free Power Bar chargers over fire risk

Next Story

Rdio music streaming service sets the date for its shutdown

6 Comments - Add comment

Advertisement