Internet Explorer has long been a favorite target of cybercriminals; security holes are regularly found in older versions of the popular browser, leaving it easily exploitable for a number of different attacks.
But with the March 14 release of IE9 hp 530 battery Dell wr050 battery , Microsoft may have finally gotten things right, Ed Bott of the security website ZDNet says.
Better filters for bad files
Bott cites IE9's SmartScreen filters, which run Web pages containing suspicious downloadable attachments through a database of all known programs and websites. If the page or the attachment doesn't check out, IE 9 won't let you even view it, let alone be tricked into downloading a rigged file.
"The algorithm assumes that a file — signed or unsigned — is untrustworthy until it establishes a reputation," Bott wrote. "No domain or file gets a free pass."
It's a "guilty until proven innocent" approach, and it's working for IE9 — Microsoft wrote on its Internet Explorer blog that only about seven percent of all executable files downloaded by IE were later confirmed as malicious.
The same, Bott contends Dell vostro 1500 battery Dell vostro 1700 battery , can't be said for Google Chrome.
Chrome is in the hot seat
Chrome has become an attractive target for online criminals lately because many savvy computer users regard IE as insecure. Chrome is perceived to be safer, and its users think they're less susceptible to malware attacks, Bott suggested.
Also, because Chrome users represent a much smaller market than IE9 users, malware authors tend to not waste their time creating scams for the relatively small group.
But that trend is shifting; the SpyEye and Zeus trojans, notorious for infecting computers to steal banking credentials, have recently been targeting Chrome and the even less-used browser Opera and staying away from IE, Brian Krebs noted in his Krebs on Security blog.
With criminals migrating to Chrome, Bott says Chrome's filters, and its entire approach to protecting users, isn’t as airtight as IE9's — or even as secure as its advocates believe.
Whereas IE9 Acer aspire 5920 battery Acer aspire 5520 battery automatically blocks pages with suspicious attachments, Chrome allows users to save the file, and then choose to download it later.
But as many cybercrime ploys use social engineering tactics to make corrupt pages look legitimate, Bott said, "if the social engineering did its job, that means that a significant number of people are going to choose wrong."
Bye-bye to drive-by
In one instance, Bott came across a spoofed warning designed by hackers to look just like Google Chrome's genuine warning page.
More related news you maybe like :
Acer as07b41 battery
Compaq nc6000 battery
Hp elitebook 8530w battery
The message on the warning read, "This type of file can harm your computer," and contained a corrupted attachment titled, "InstallInternetProtect.exe."
But that was just what was on the surface: Bott said in many cases, rogue Web pages can slip through Chrome's filters and infect users when they land on the page, a tactic called "drive-by downloads."
Having a security feature that automatically assumes the worst about a Web page, as IE9 does, might be in fact the best practice.
IE9 is currently available for Windows Vista or Windows 7; it will not run on Windows XP.
Tagcloud : IE 9 , Web Browser , Acer aspire 5610 battery , Dell inspiron 1525 battery, dell inspiron 1720 battery , dell inspiron 6400 battery , Dell latitude d531 battery , dell latitude d620 battery , Dell latitude e6400 battery , dell xps m1330 battery
No comments:
Post a Comment