14 DAY TRIAL // Microsoft has announced an update to its SmartScreen security system, which from now on will also be able to detect drive-by download attacks when they happen.
SmartScreen is one of the numerous security features included with Windows, first introduced with IE7, over eight years ago, to protect against phishing schemes and social engineering attacks.
Over time, the SmartScreen system has evolved to add URL reputation checks and Application Reputation protection and has expanded to also cover the company's most recent browser: Edge.
SmartScreen can now tackle drive-by download attacks
With yesterday's recent updates to the Windows 10 OS, Microsoft has now upgraded the SmartScreen system to deal with drive-by downloads in both IE 11 and Edge.
If you're unfamiliar with the term, drive-by downloads are cyber-attacks that happen when users access a malicious Web page. Most drive-by attacks use exploit kits (also called crimekits) to automatically scan the computer of a site's visitor in search of known software vulnerabilities.
If one or more are detected, such weaknesses in someone's defense are exploited by infecting the computer with malware, all without any user interaction. You can easily see for yourself why cyber-criminals have started using more exploit kits in recent years to carry out their cyber-crime campaigns.
Some malvertising attacks can also be detected and highlighted
From now on, when IE or Edge detects suspicious exploit kit-related activity coming from a website, it'll show a full-page warning like the image embedded below the article, recommending users to proceed with caution.
Additionally, whenever content is loaded on a page using iframes, SmartScreen also scans the iframe's content, and if it finds anything dubious, it will turn that specific iframe red (just like the full-page warning). This measure can be crucial in detecting some malicious ads (called malverts or malvertising) that often employ iframes to load.
For cyber-security warriors, if they want to improve Microsoft's SmartScreen system, they can report suspicious sites via the browsers themselves.
Here's how Microsoft advises users to report suspicious websites: ♦ Microsoft Edge on Windows 10. Tap or click the "More" menu, choose "Send feedback", and then choose "Report unsafe website." ♦ Internet Explorer 11 on Windows 10. Tap or click the "Tools" button, select "Safety," and then choose "Report unsafe website."
