Internet Explorer 9 is winning the fight with malicious downloads, but the truth is that end users are the beneficiaries of the new browser security enhancements introduced in the latest release of IE by Microsoft.
According to the latest statistics shared by the Redmond company with the public, Internet Explorer 9’s SmartScreen Application Reputation feature is a massive contributor to keeping users safe from social engineering attacks designed to get them to infect their own machines with malware masquerading as legitimate downloads.
IE9 can block social engineering threats by warning users about either malicious websites or about potentially malformed software downloads.
“Through the SmartScreen Filter, IE has been effective at blocking socially engineered malware attacks and malicious downloads – IE blocks between 2 and 5 million attacks a day for IE8 and IE9 customers,” revealed Jeb Haber, Program Manager Lead, SmartScreen.
“Since the release of IE8, SmartScreen has blocked more than 1.5 billion attempted malware attacks. IE is still the only major production browser to offer this kind of protection from socially engineered malware. From our experience operating these services at scale, we have found that 1 out of every 14 programs downloaded is later confirmed as malware.”
By leveraging Application Reputation, IE9 is perfectly capable of warning users that the software they’re about to download could be malicious in nature from the minute a malformed piece of code is offered to them.
By comparison, it takes security vendors hours and up to half a day before discovering a malicious download and updating their solutions with antivirus signatures.
“When it comes to program downloads, other browsers today either warn on every file or don’t warn at all. Neither of these approaches helps the user make a better decision. Application Reputation also addresses a limitation present in all block-based approaches that happens at the beginning of new attacks, before a Web site or program has been identified as malicious,” Haber said.
The software giant estimates that Application Reputation will safeguard IE9 users from no less than 20 million infections per month, offering additional protection on top of the SmartScreen Filter.
Perhaps the best part of Application Reputation is that it’s actually working in convincing users to steer clear of potentially malicious downloads. The Redmond company reveals that 95% of Application Reputation warnings are heeded by users who either delete or not run the programs.
“Because programs and publishers can now establish a reputation, 90% of program downloads no longer show browser security warnings when users have SmartScreen enabled,” Haber explained.
“From our data, the typical user will only see 2 warnings per year. On any given day, clicking through the “unknown warning” carries a risk between 25% and 70% of malware infection.”
All in all it appears that IE9 Application Reputation is winning the fight against malicious downloads by doing something I once thought it was impossible to do: “patching the user.”
Social engineering attacks rely on tricking victims into getting infected rather than exploiting a security vulnerability.
Although there’s no patch for such user flaws, it turns out that offering comprehensive and reliable information / warnings to customers can help them make the best decision possible in order to stay secure.
Internet Explorer 10 (IE10) Platform Preview 1 (PP1) is available for download here.
Windows Internet Explorer 9 RTW for Windows 7 and Windows 7 SP1 is available for download here.