Microsoft Updates SmartScreen To Protect Internet Explorer, Edge Users From Drive-By Attacks
Since its introduction in Internet Explorer 7, Microsoft has helped keep users safe from malware and browser hijacks with SmartScreen. The company went on to introduce SmartScreen as a feature of Windows itself, able to detect malicious software, or at least warn people that software about to be installed is an unknown to the company.
This update could prove very important, as Microsoft has noticed that vulnerabilities are now exploited faster than ever, as the below graph highlights.
That's why being able to detect 0-days before they're even called 0-days is key. Microsoft relays that it's already managed to pull this kind of preventative protection off:
The threat, broadly referred to as the HanJuan EK, was detected by SmartScreen’s exploit intelligence systems. As we dug into the data, we discovered the attack was actually leveraging a new 0-day exploit in Adobe Flash player, meaning that SmartScreen intelligence systems were detecting this attack even before it was identified as a new 0-day exploit. We reported the issue privately to Adobe (CVE-2015-0313) and a patch was developed and shipped.
Up to this point, if Microsoft detected a webpage with malicious elements, it would block the entire thing. Now, SmartScreen can single-out the element by highlighting it, but allow the rest of the page's content to load. This sounds potentially very useful.
At the moment, these updates are exclusive to Windows 10, but Microsoft notes that Windows 7 / 8 updates are en route.