Microsoft has announced that it has updated its SmartScreen phishing and malware filtering technology for Internet Explorer 11 and Microsoft Edge in Windows 10 to protect users from drive-by attacks.
A drive-by attack, unlike traditional forms of malware delivery, occurs without user interaction by targeting users who merely visit webpages, and may also leverage zero-day exploits. In addition to protecting users from drive-by attacks, Microsoft has stated that the updated version of SmartScreen may also protect users from zero-day exploits—such as the ‘HanJuan EK’ exploit that was discovered last year, which exploited a vulnerability in Adobe’s Flash Player software—even before a patch is made available.
The new drive-by protection feature in SmartScreen is, according to Microsoft, the result of data collected over the course of a year from a variety of sources, including Bing, the Enhanced Mitigation Experience Toolkit (EMET), Internet Explorer, Microsoft Edge, SmartScreen, and Windows Defender.
In addition to offering protection from drive-by attacks, the user experience in the latest update to SmartScreen has been enhanced. As shown in the screenshot posted above, when a potentially malicious frame is detected in a webpage, only the frame itself will be blocked. Previous versions of SmartScreen obscured entire webpages with a warning when a potentially malicious frame was detected—even if the webpage itself was not malicious—inconveniencing users.
While the aforementioned improvements to SmartScreen should make browsing the web a safer and more enjoyable experience for users of Microsoft’s web browsers, they have arrived at a time when users are switching to alternative browsers. And even with these improvements, Microsoft has cautioned that users should regularly install all available security updates as soon as possible.