Microsoft: 1 Out of 14 Downloads is Malware
Microsoft claims that one out of fourteen downloads is malware, and has created a warning system in Internet Explorer 9 that scans the reputation of a file.
On Tuesday, Microsoft said that IE8 and IE9 actually block between 2 and 5 million attacks each day thanks to the built-in URL-based SmartScreen filter. Even more, 1.5 billion attempted malware attacks have been thwarted since the launch of SmartScreen in the older IE8 browser.
But clearly that's not enough, and in IE9, Microsoft has now added another layer of defense against socially engineered attacks that looks at the application poised to be downloaded by the user. Called Application Reputation, the extra line of defense will be an addition to the current URL-based SmartScreen protection. Essentially the browser will check out the web site's URL first, and then determine if the desired file has been downloaded by other users, and if it has any record of carrying suspicious baggage.
"Using reputation helps protect users from newly released malware programs - pretending to be legitimate software programs - that are not yet detected by existing defense mechanisms," said Jeb Haber, Program Manager Lead, SmartScreen. "Reputation also enables IE9 to remove unnecessary warnings for downloads with an established positive reputation. Both publishers and individual applications build reputation. For example, a digitally signed application from a well-known publisher that has been widely downloaded has a better reputation than an unsigned application that has not yet been downloaded widely and has just been posted on a newly created Web site."
"From our experience operating these services at scale, we have found that 1 out of every 14 programs downloaded is later confirmed as malware," Haber added, although that figure applies only to Internet Explorer.
The new Application Reputation process seems to be working. Haber said that Application Reputation warned IE9 users of a malicious program central to a very large-scale malware attack the very moment it hit the Internet (at Hour 0). Traditional URL-blocking and anti-virus protection updates didn't kick in until Hour 11, yet thanks to the new Application Reputation warning, 99 percent of IE9 users chose to delete or not run the program beforehand.
"In this attack, IE9 Application Reputation interrupted the deception of the attack (which was otherwise very convincing) and most users were able to make a great decision on their own," Haber said. "This outcome is exactly why we built SmartScreen Application Reputation into IE9. 99 percent of users were able to avoid the infection."

Just fixed a computer that took me three weeks to rid of viruses. Then got a complaint that 2000 of the teenager's itune songs were missing. Didn't get a thanks for the 700 I saved.
1 percent of IE9 users involved in the study clicked OK to download the suspicious file...just to spite the annoying Application Reputation filter! XD
Just fixed a computer that took me three weeks to rid of viruses.
Weeks? D: Explain me that! O.O
or as i like to see it 13 out of 14 folks are plain stupid......
I use a Chrome addon called WOT, which pretty much does the same thing plus more
https://chrome.google.com/webstore/ [...] ndpbikblnp
It's really useful for the not so technically inclined and the click-happy friends and family lol
Just fixed a computer that took me three weeks to rid of viruses. Then got a complaint that 2000 of the teenager's itune songs were missing. Didn't get a thanks for the 700 I saved.
WOW, simple one there, remove HDD scan from stand alone Virus removal machine ( Fully Updated Windows 7 install within VM with all the bells and whistles for nasty Removals)
Once files clean Replace HDD or back up User files, and Re-Install Windows, 1 day max!
Dang, it took Microsoft this long to add such a system? The Norton security software provided by Comcast had this since last year!
Wow it is actually a PLEASURE to read comments here on Tom's. It seems like there still are a remnant of people in the world that have intelligence, a sense of responsibility, and common sense too. It gives me some renewed faith that humanity is not completely doomed.
I agree that 99% of preventing malware and virus infections is using your COMMON SENSE when browsing and downloading files from the net.
Sure it isn't kewl to say it today, but LEARNING and EDUCATION is GOOD.
1 out of 14 people is a moron who thinks videos and music might come in the form of an .exe file and clicks on that flashy button that says "Download Free Paris Hitlon Sex Tape Now!!".
People like that deserve to have their computers wrecked. I wish companies would stop implementing security features that enable ignorance and stupidity. Without that safety net maybe people will finally start to think twice before wandering onto the Internet like headless chickens.
14 out of 14 people STILL RUN AS ADMIN!
Come on guys and gals, when fixing these machines, give them back the shiny thing with two accounts, one called security (with password) and one account called 'family' (etc, with password). Security account is full admin and Family is a standard user. They will still infect themselves but at LEAST it's another easy to setup, obvious option.
You run as admin, so does anything else you click on. "Warning, your pc is infected, click yes to trash your pc, even though you've heard about it, read about it, seen it, still click yes"
Sigh
My kaspersky internet security already does this sort of check .... which I suppose is good as I don't use IE
14 out of 14 people STILL RUN AS ADMIN!
We don't have a choice!
When you're working with Autodesk or other poorly designed software you have to run as admin to have a chance of success. It's even worse with stuff like omron software or small volume stuff from local companies, but still. Long's developers aren't thinking ahead, we're stuck in elevated mode with local admin rights.
I mean at least 400 of the systems I'm supporting have a GPO forcing Interactive into the builtin\administrators group just to make sure as few things as possible fail.
( and if sh1t fucks up we just F12 and redeploy )
@neiroatopelcc: I'm in the same boat and have quite an aggressive GP set for the users here as I CANNOT STAND the way these things are made. Heck, we didn't have Java installed until the latest version of Syspro (A program that won't work with UAC at all) arrived.
When I usually go on about not running as admin, I'm really talking about home users. We're behind hefty firewalls and crazy virus apps in business while home users are sitting there clicking on anything and everything. Damn shame.
We've been dependent on Java for years. Since 1.5 really. Half of our administrative software depends on it really.
Anyway, at home it's simply because people are lazy. But I'm running as admin myself. Hell even my minecraft server's running as builtin\administrator ...
Security is useful, but you get further with intuition than security measures.
I run as admin because the Synergy software does not work else.
It opens, yes; it connects, yes; it commands the mouse and keyboard, yes; but when another program pops in, whatever program, the mouse disappears if not running as admin. Seems without admin, synergy links the focus to only the current window.
Thank you, Microsoft! Thank you, Bill Gates, for making this possible!
Just fixed a computer that took me three weeks to rid of viruses. Then got a complaint that 2000 of the teenager's itune songs were missing. Didn't get a thanks for the 700 I saved.
Wow you suck.
Just fixed a computer that took me three weeks to rid of viruses. Then got a complaint that 2000 of the teenager's itune songs were missing. Didn't get a thanks for the 700 I saved.
Dude, you need to fire your instructor and find a new one. You will make others laugh here.
Your entire account does not need to be admin to run your software. You can give individual apps/shortcuts admin rights. Seems like some people learn only enough about security to make them dangerous.
Yes I'm an offender as well, some of my machines run as full admin because I'm the only one that uses said machine. All others get limited accounts. I think I'll be changing this though as malware is getting ridiculous these days.
I do think that computer illiterate people should not own a computer or at least not be allowed on the internet. I fix people's computers, install all security measures/anti-virus etc....and they bring it back a week later all jacked up again telling me "oh, it wouldn't let me do such and such so I disabled anti-virus!"
Anyway my complaining is done, I hope the first part helps some people.
Anybody got a hack for IE8 that turns the SmartScreen Filter and InPrivate data blocking into a tick box like pop-up blocker for Internet Options so that you don't have to continually keep turning on these features? There are a lot of XP users who aren't going to upgrade so long as there is software they need that works with XP. Quite frankly I don't blame them for as bad as 7 tries to automatically set itself up with static IPs in a fixed DSL non-PPPoE IP like some service providers have.
I miss the manual setup like was last used with Win98, some of us actually know what we are doing and can do it faster than the water/bathroom break you have to take that XP-Vista-7 requires you to sit and wait forever in a day for and only gets the simple stuff correct.
I don't have this problem at all, I run Win XP through VirtualBox on Ubuntu 10.10. Even if my VM gets a virus on it, 15 min I'm reset like nothing happened. Dual boot Win 7 for games.
Everyone who gets his/her computer infected with malware probably deserves it. I don't think that the most secure OS in the multiverse will stop humans from getting their computer infected, when using the internet. Seriously, there should be a law where people have to pass certain exams to get a license to be able to go online. Like a bio authentication or something. Hopefully people will evolve someday, and understand what looks like a suspicious file/attachment, banner, link, e-mail, software/toolbar and so on..
Good security feature in IE9, but that’s also a marketing point that Microsoft is using to encourage users to download IE9