Microsoft SmartScreen enhanced in Windows 10 to protect users from drive-by attacks

[Batu69]

The new frame blocking experience in SmartScreen does not obscure webpages

 

Microsoft has announced that it has updated its SmartScreen phishing and malware filtering technology for Internet Explorer 11 and Microsoft Edge in Windows 10 to protect users from drive-by attacks.

A drive-by attack, unlike traditional forms of malware delivery, occurs without user interaction by targeting users who merely visit webpages, and may also leverage zero-day exploits. In addition to protecting users from drive-by attacks, Microsoft has stated that the updated version of SmartScreen may also protect users from zero-day exploits—such as the 'HanJuan EK' exploit that was discovered last year, which exploited a vulnerability in Adobe's Flash Player software—even before a patch is made available.

The new drive-by protection feature in SmartScreen is, according to Microsoft, the result of data collected over the course of a year by a variety of data sources, including Bing, the Enhanced Mitigation Experience Toolkit (EMET), Internet Explorer, Microsoft Edge, SmartScreen, and Windows Defender.

 

In addition to offering protection from drive-by attacks, the user experience in the latest update to SmartScreen has been enhanced. As shown in the screenshot posted above, when a potentially malicious frame is detected in a webpage, only the frame itself will be blocked. Previous versions of SmartScreen obscured entire webpages with a warning when a potentially malicious frame was detected—even if the webpage itself was not malicious—inconveniencing users.

 

While the aforementioned improvements to SmartScreen should make browsing the web a safer and more enjoyable experience for users of Microsoft's web browsers, they have arrived at a time where users are switching to alternative browsers. And even with these improvements, Microsoft has cautioned that users should regularly install all available security updates as soon as possible. Source: Microsoft

 

Article source

[vibranium]

4 hours ago, Batu69 said:

In addition to protecting users from drive-by attacks, Microsoft has stated that the updated version of SmartScreen may also protect users from zero-day exploits—such as the 'HanJuan EK' exploit that was discovered last year, which exploited a vulnerability in Adobe's Flash Player software—even before a patch is made available.

 

 

I wouldn't take this statement too seriously. It almost sounds like a Microsoft press release.

[Karlston]

Not sure this could be a Microsoft press release. It's promoting Windows 10 by giving a good reason to upgrade to it.

 

From history, bullying, nagging, forcing, bribing, or being sneaky is the Microsoft way to "promote" Windows 10.

[steven36]

24 minutes ago, Karlston said:

Not sure this could be a Microsoft press release. It's promoting Windows 10 by giving a good reason to upgrade to it.

 

From history, bullying, nagging, forcing, bribing, or being sneaky is the Microsoft way to "promote" Windows 10.

sounds  like one too me because you can use EMET and WD  on win7 or 8.1 that leaves EDGE you can just use some other browser and install script blocking addons .

 

LOL,  they don't even have a addblocker yet  so how smart  could it be?