Internet Explorer & Microsoft Edge Protects you Against Drive-By Attacks

Internet Explorer came with very interesting feature known as SmartScreen filter and it protects you against websites containing Malware and Phishing. This feature first introduced in Internet Explorer 7, moving forward it became smarter and in Windows 8, it integrate inside Windows , so if you try run a files from other sources (without download it over internet) for example copy it from a USB drive, it check and warn user if it contains malware or is suspicious file. In Windows 10, SmartScreen feature becomes even smarter on Internet Explorer and Microsoft Edge (which is new browser) in Windows 10. Now, with the latest update, it protects against drive-by attacks. If we want to explain drive-by attack in simple word, consider yourself visiting a website which seems to be safe and just by visiting the website your PC get infected with malware or in worse case, it get hacked. You might notice a case, when you just visit a website and your Anti-Virus software shows it blocked or removed a malware and you might wonder what’s happened. So far Anti-Virus software was the one way to protect users against these attacks and another mitigation method was keep your system and all applications updates. With new improvement in SmartScreen filter for Internet Explorer 11 and Microsoft Edge in Windows 10, you are being protected against this type of attack.

In this case we have one additional protection layer which improves your protection. In past, if there was a website containing Drive-By attack only if you’re PC and all of your applications were updates, then you have been protected. If they bypass this, like you have out of date software or application, then updated Anti-Malware product could have detect and block it. Now, with new enhancement in Internet Explorer and Microsoft Edge, malicious websites are being blocked, so your Anti-Malware could rest a bit. You may refer to Evolving Microsoft SmartScreen to protect you from drive-by attacks for more details.

 

Advertisements

Internet Explorer Blocks Out-of-Date ActiveX

ActiveX consider as a useful feature in Internet Explorer and thanks to ActiveX we are able to use plug-in and extensions which give us a better and richer web browsing experience. For one example, you could use Java to play online games and use web applications on your browser. Even though, ActiveX extensions consider to be helpful and productive, they might cause security problems and slow down performance of your browser. Manufacturers of ActiveX controller usually test their plug-ins and when they discover any issues, they attempt to fix it and release update and when the end user applies these updates, then they are protected against vulnerabilities and they have a faster and better browsing experience. Like we always encourage people to update everything in their PCs including Windows, Anti-Malware products and other applications, it is always recommended to update your ActiveX too. Many ActiveX controllers come with automatic update feature, for one example, you might have seen Java update notification in your PC which is something like the following:

Java-Update-Notification

When you click on the notification, it will open a page asking you to install the latest version of Java. However, there are many users who ignore updating their ActiveX and plug-in and this would put their PC at risk. New vulnerability could execute in an out-of-date ActiveX easily and it will result compromising the system and other damages. For this reason, the Internet Explorer will start protecting you against out-of-date ActiveX. If you already updated your Windows, when you visit a website which contains out of date ActiveX, you will get a warning to update it and the warning in Internet Explorer 8 would be as follow:

 

IE8-BlockActiveX

 

If you are using Internet Explorer 9, 10 and 11, you will see the following warning:

 

IE9-IE11_BlockActiveX

 

It warn you about your out of date ActiveX and helps you to update it and this way it will protect you against vulnerabilities and help you to improve your experience on the web as new update contains performance improvement and bug fixes. There are many users who ignore update notification or they are unaware whether they are using updated ActiveX or not. This process help them by notifying them about out-of-date ActiveX. This feature does NOT support all ActiveX but the one which are affected by most users and it is an undergoing way and more ActiveX will be added to the list.

It is great news for many users , however some IT Administrators might concern that their companies is forced to use old version of ActiveX and this update might bother their users by keep notifying them about out-of-date ActiveX. In this case, you don’t have to be worry, you could use Group Policy to manage notification and enforce not notify users. It is not a good idea to stay on out-of-date ActiveX, but it is something you could do while you should plan support new updates and latest version. In addition, you could use Group Policy to enforce this setting and don’t let user to ignore update message and enforce them to update their ActiveX to protect your entire company and get rid of out-of-date ActiveX. You may learn more about these updates from Internet Explorer Blog.

Internet Explorer 11 Is The Most Secure Browser Against Malwares

Many users share story of visiting a website or downloading something over internet and they encourage certain problems like unwanted popups, unwanted email, unauthorized access to their PC and so on. In the other world they get infected with malicious software or malware (Virus, Worm, Trojan, Spyware…). Because many people connecting internet to download, watch, read things through a browser (Internet Explorer, Firefox, Chrome…), it is important to use a browser to protect you against malwares. Browsers start developing new technologies which protect users against malwares. But the question is how well they protect users? To answer this question, NSSLabs conduct an experiment and test different browsers and check how well they protect users against malwares. According to their experiment, average malware block rate is as follow (Note: the more block rate means the browser is more secure):

 MalwareBlockBrowsers

As you can see, Internet Explorer has the highest block rate compare to other browsers, which means if you visit a website containing malicious software, if you are using Internet Explorer, you are more protected against malicious software compare to other browsers. Your browser plays important in protecting people, so chose your browser wisely. Internet Explorer was the most secure browser according to previous experiments too. In this experiment, Internet Explorer 11 been used. You may refer to NSSLabs website for the complete report.

 

 

 

Internet Explorer 10 is the Most Secure Browser

Internet is the place that most people around the world are using it. It could be useful and enjoyable or it could be harmful and dangerous. If you followed security warning about the computer, you might notice that there are many warning about internet and what you download or link that you click and websites that you visit. Websites and downloads are most common ways to get infected with Malware (Virus, Worm, Trojan, Spyware …).Having a good browser is important when it comes to security. A browser that could block Malware before you visit website or download them. 

In the recent research about Malware, Internet Explorer is the most secure browser when it comes to Malware protection and many other security features. There was a research conduct by NSSLabs, which is independent Security Research Company and they did a research about Malware blocking rate in the following browsers:

  • ·         Apple Safari 5
  • ·         Google Chrome 21
  • ·         Microsoft Internet Explorer 10
  • ·         Mozilla Firefox 15

And in their research, they run these browsers and then visited infected website and monitor how many of those websites will block by each browser. The more Malware which block means the browser is more secure and for example if a browser block 90 percent of Malware it means that from each 10 websites it blocks 9 malicious website that are dangerous and their test result is as follow: 

 Overall Malware Block Rate by Browser (higher % is better) 

 

As you can see Internet Explorer blocks over 99% of Malware which is a very high number of blocking. In the other word, if you use Internet Explorer the possibility that you get infected with Malware is very low, because most of the infected website or downloads will block before get into your PC. In addition, Internet Explorer comes with download manager and you don’t need any download manager to download programs from internet and this download manager will block malicious downloads.

However, note that you still need Anti-Malware product to protect yourself against threats that come from other sources such as USB, DVD, etc. Internet Explorer is additional security layer to protect you before you get infected from online threats and makes your Anti-Malware’s job easier and enhance your protection. In Windows 8, by default you have Internet Explorer 10 and Windows Defender as Anti-Malware. You could read the complete report from NSSLabs, here.

Malwares are not welcome, this is IE

Many of you will know that many of Malware (Virus, Worm, Trojan…) are coming from the internet and you might have experience that you download something and then your PC is infected. From this point we could say that having a good browser with a good security level is a good and smart idea. That is able to protect us when we are browsing the internet which is a dangerous place. There was another interesting test conduct by NSS Labs, which shows about security of different browsers when it comes to blocking Malware. This means that when you are downloading something or click on a link on the internet then how powerful your browser reacts against it. Does it block it or just let you to download it? Let’s have a look at figure below, it shows their report and as you can see Internet Explorer 9, blocks 99% of Malware, which is unbelievable and also Internet Explorer 8 shows a good result by blocking 90% of Malware, which is quick good result and if you compare it with other browsers such as Firefox, Safari, Chrome, Opera, you will see Internet Explorer is ahead from all of them when it comes to Malware blocking (blocking Virus, Worm, Trojan, Spyware, Adware…) .  

 And also if you have a look at preview tests from NSS Labs, that been done before you will see Internet Explorer always was ahead from other browsers, and in each test it improve protection while compare to other browsers they have up and down , in one test they got higher than before and in another they got lower. Have a look at graph below: 

 All of the graph that I posted here, I get from NSS Labs report and they are real data and again NSS Labs is NOT Microsoft friend and family, these are real data from independent researcher company. Therefore, let see why Internet Explorer is so well on Malware blocking. Let start from Internet Explorer 8, which been tested for while. It comes with Technology called SmartScreen Filter, it will block phishing websites (which websites that looks like legitimate website but they are fake and try to steal your information) and also it will block websites and downloads that contain Malware(Virus, Worm, Trojan, Spyware, Adware…) . The technology is powerful enough that block 90% of Malware. About Internet Explorer 9 that as I writing this is in beta level, it contains SmartScreen Technology too but with some additional feature called “application reputation”. If I want to summarize this technology in one word, it will check for you that download is safe or not base on its reputation and certificate (a digital certificate that will buy and show that program is trusted). And let say there is a download with less reputation and without any certificate, then it warn you. It give you one additional protection that if download haven’t been reviewed by Microsoft yet, but base on reputation and some other security facture Internet Explorer 9 will help you to identify potential risky download. It will help you to protect yourself more and even before you download something bad into your PC, Internet Explorer would block it. Note that this technology is great but it won’t replace your Anti-Virus, don’t feel fully safe only base on this technology, this is your additional protection feature that give you more confidence but Internet is NOT the only source for Malware and you still need Anti-Virus to protect yourself.

 

Please feel free to read full reports of NSS Labs here.

 

Better protection using IE8

NSSLabs conducts another test about web browser security. The interesting part here is that according to their report and the test result, Internet Explorer 8, still have greater protection against Social Engineered Malware compare to other browsers. What it mean here is simple, if you want to be protect in Cyberspace, I recommend you to use Internet Explorer 8. Below is graph from NSSLabs:

 

 

 

The blue color is the first test that they conduct; green color is their next test and red color, is their last test, as you can see Internet Explorer keeps improving. Internet Explorer 8, come with new feature called SmartScreen Filter, it contain both Anti-Malware and Anti-Phishing. In this test Anti-Malware feature has been tested and as you can see it shows great protection. In the internet there are so many good things for playing game, find books, do research and Internet is a great world.  However, there are dangerous and malicious things in the Internet that could harm you or your PC. You know how Malware could harm your PC as your PC might already infect with Malware by downloading Bad things. Harm you mean harms your privacy, what if someone enters your PC and views your personal information and post your picture all over the net or blackmail you. SmartScreen Filter in Internet Explorer will help you a lot with great protection against bad things. It will block bad things for you and will not let Malware website to damage you.  However, protection is NOT 100%. But it doesn’t mean that you should give up. Whenever you face to website that detect as Malware (or bad website) but it is not, you always could report it to re-review and if website is harmful and not block by Internet Explorer, you could always report it. Using Safety->SmartScreen Filter->Report Unsafe Website, it will help Microsoft to enhance protection in Internet Explorer 8, and by doing this you will also help protect millions of user all over the world. Remember Security is not standalone task, in order to become successful against bad guys and secure our Cyberspace (Internet) we need work together. Report unsafe website using Internet Explorer 8 is easy and it will be helpful; please report any unsafe website that might not detect using that. Note that it is Internet Explorer 8 , if you have older version check your Windows update or contact your system administer in order to help you. I also recommend you to have looked at this.

To view complete report of NSSlabs that I mention before please have looked at:

http://www.nsslabs.com/research/endpoint-security/browser-security/

Graph also copied from the report.

 

 

Malware Protection in Internet Explorer 8

Internet Explorer 8 came with greater protection and better security. NSSLabs is independent security Research Company, they done a research regarding to different browsers and the result was great. Internet Explorer 8 wins over other browsers; it means that using Internet Explorer 8 will give you greater protection. As you see in the chart below, Internet Explorer blocks 81% of malicious websites, websites that contain Virus, Worm, Trojan, Spyware, etc. It means that before you log on to websites that contain Virus and before you download anything or your Anti-Virus shows that this Virus is removed Internet Explorer will block the website for you. Note that this feature will NOT replace your Anti-Virus but it is additional protection layer that will help you against Malware. This is thanks to Internet Explorer 8 new SmartScreen filter that will detect Malware and Phishing websites and will block them for you.

 

 

Now, let’s talk about response time, as you see there are certain Malware that did not detect by Internet Explorer and other browsers, and then what will happen is they will report them to their browser vendor. In this case, Internet Explorer did not block some Malware website then it reports to Microsoft which is browser vendor for Internet Explorer. Then it will take some time for each vendor to review website and make sure that their browser will detect it. Again Internet Explorer 8 done great job, as you see in the chart below response time for blocking Malware in IE8 was great. Response time means that you as user find out that website contain Malware (Virus, Worm, Trojan, Spyware…) and you report it. Then it should block it as fast as it can, you don’t want that a website that contain Virus stay unblock for too long.

 

 

NSSLabs, before done a browser Malware test below is comparison between preview browser tests. Green one is the old one and Blue one is new one. As you can see in the second test which was latest one with newer Malware, Internet Explorer 8 protection improved.The rest of browser decline from their past test. Improvement is always better but Internet Explorer 8 was the only one that improved in second test.

 

 

 

I recommend you all to use Internet Explore 8 in order to be more protected and safer online. If you are using Internet Explorer 7, 6, 5 or earlier please upgrade to Internet Explorer 8. It is already inside your Windows Update. I also want you to help all users be more safe and secure and stop the bad guys. In this case if you are using Internet Explorer 8, make sure SmartScreen filter is on. Sometimes you might install add-on in your Internet Explorer that will block SmartScreen filter such as Norton Safeweb in Norton Anti-Virus and Norton Internet Security, in this case you could chose eider use SmartScreen Filter or other third-party protection, but make sure that you have at least one. If you find a website that contain Malware or Phishing (websites that ask you to enter personal information and are fake and try to stole your information) then report it .In internet Explorer 8 you have something called “safety” or you have shield icon or you could access it from Tools menu. After than you click “report unsafe website” , in the website that you are going to report, You have option for Malware that report about Virus, Worm, Trojan, Spyware or anything that could harm your PC. In Phishing part report website if it asks you to provide your personal information or credit card number and in general ask you to fill up something and the website is try to steal that information and is not trusted. Here is how it is look like:

 

 

 

 

 

Some users complain about performance in Internet Explorer, in this case if:

1)      The problem might come from you: if browser crash or cause problem, then windows will file it and ask you to send report. Whenever Windows ask you to report something please send report and click to report issue. This information will review by Microsoft Team and they will resolve it in Windows Update or Service Packs. And then contact Microsoft and gain assistance from them in order to resolve your issue.

 

2)      Website load very slow: in this case I suggest you to download FIX IT for internet Explorer 8 from:

http://support.microsoft.com/mats/ie_performance_and_safety/ 

 

 http://support.microsoft.com/mats/ie_freezes_or_crashes/

 

for complete detail about NSSLabs please visit the following website:

 

·       http://www.nsslabs.com/research/endpoint-security/browser-security/

 

Charts are copied from NSSLab report. This post is date post and will remain base on time, because NSSLab would post or upload new reports.