Windows has come a long way with security and one such technology introduced within the last ten years from that initiative is SmartScreen Filter first introduced in Internet Explorer 7 on Windows Vista. Since then, Microsoft has expanded the reach of the security mechanism in Windows making it efficient at protecting users from malicious code that tries to compromise your PC. The Microsoft Edge Team recently announced improvements and integration with SmartScreen Filter, making it easier to detect and advise users of potential threats.
SmartScreen Filter Improvements in Microsoft Edge and IE 11
Today, we’re happy to announce that with the latest Windows 10 updates, we’ve extended SmartScreen to include protection from drive-by attacks in Microsoft Edge and Internet Explorer 11.
One of the common attack methods in recent times has been so-called “drive-by downloads” which does not require any user interaction. For instance, when you visit a popular website, a download can be initiated in the background without you even knowing. Many of these drive-by attacks are now beginning to leverage zero-day attacks keeping one step ahead of traditional security technologies such as Anti-virus and Anti-spyware.
An interesting aspect of zero-day attacks is how much they leverage these security technologies to their advantage by looking for newly discovered vulnerabilities. This is even worse for users who haven’t installed security utilities or keep them updated.
Drive-by attacks make use of services known as exploit kits (EKs) to scale effectively. These are tools that first check your PC for software vulnerabilities (tracked publicly as CVEs) and then try to exploit them. The vulnerabilities can be either newly discovered ones – also known as 0-days – or ones that have already been fixed in popular software. Over the past year, we’ve seen EKs moving faster to target vulnerabilities in apps with available patches, while also exploiting 0-day vulnerabilities more frequently as well.
Microsoft is stepping up its game using a collection of critical data sources such as the Bing search engine, Windows Defender, and Internet Explorer. Telemetry data gathered from other teams within the company has also helped in the fight against these emerging trends by detecting behavioural changes in widely used technologies such as Windows. User experience is also part of the effort in helping to fight against these new types of security threats. One approach is user awareness, and this is where the improvements to SmartScreen Filter in Microsoft Edge begins.
SmartScreen helps protect against drive-by attacks by using a small cache file created by the SmartScreen service. This cache file is periodically updated by your browser to help keep you protected and to ensure that calls to the SmartScreen service are only made if we believe there’s a high probability of malicious content on a page.
If SmartScreen determines that a website is potentially malicious, you’ll see a red warning and the content won’t render in either Microsoft Edge or Internet Explorer 11 on Windows 10.
With these new advances, SmartScreen can effectively detect and warn users when it finds a website or a website containing elements such as web ads that might contain malicious code.
Certainly these are welcome improvements that demonstrate Microsoft’s commitment to protecting and inform users while providing an enjoyable web experience. Microsoft has not limited these updates just to Microsoft Edge either. Those of you who are still loyal to Internet Explorer reap the benefits, too.