Select a language to translate this page!
Powered by Microsoft® Translator
Users are continuously getting smarter and more educated about the things criminals are doing on the web. Because of this, the criminals have to change their tactics. One of the ways they are doing this is by buying ads on prominent web sites, and finding ways to serve up malicious content through those ads. Some of these websites might be some of your favorite websites you visit regularly and you might be thinking “hey, I only visit good websites” – unfortunately even “good” websites (websites not intending to harm the reader in any way) can be affected.
Many websites make the money it takes to operate through displaying ads from an ad network. Through that ad network, a website can unknowingly display a malicious ad on their website which puts their readers at risk. CNET recently posted an article about ad networks from Google, Fox, and Yahoo serving out malicious advertisements. This is not something that affects just one ad network, it’s an industry issue.
TechCrunch (a favorite website of mine) is a recent example of a website unknowingly delivering malicious advertisements from 3rd parties to their readers. A few pages on TechCrunch were blocked by Internet Explorer 8’s SmartScreen Filter. The SmartScreen Filter in Internet Explorer 8 was blocking several posts from TechCrunch due to malicious content being included in ads that TechCrunch’s ad network was serving to the readers of TechCrunch.
We were able to see the SmartScreen Filter in action keeping the TechCrunch readers using Internet Explorer 8 safe from the malicious ads.
Since launch, Internet Explorer 8 has blocked over 560 million malware sites. This averages out to be about 3 million blocks per day. Because of this ongoing thread with malicious advertisements, it is important to use a browser that keeps you safe and protected.
IE8's all right, but sometimes it can be TOO secure. A very annoying issue (in mine and many others) is a prompt that comes up when a person wants to go to a https website that also contains non-https elements, and even though the site is safe, it still prompts you.
Amit, of Labnol, posted a pretty useful article about this today, so I thought I should share: www.labnol.org/.../13388
He details the problem, including a link to MSDN's word on it, and a video and description of how to fix it.
Perhaps the IE9 team could take a look at it.
So IE blocks the whole page? Why doesn't the SmartScreen filter just block the ad if the page itself is legitimate? Also, it's my understanding that the SmartScreen filter determines the reputation of URLs based on user feed back and other sources. So this raises the question of how long did it take for SmartScreen to determine that malicious advertisements where being served from TechCrunch and how many people were exposed to the malicious advertisement?
This is important to know so that we can compare it to other technologies such as FireFox's AdBlock Plus and NoScript add ons. A very similar incident also happened here a few weeks ago to a popular online shopping web site. They were unknowingly serving malicious advertisements and this also made headline news locally. FireFox with the AdBlock Plus add on handled it perfectly, it simply blocked the ad and the page loaded normally and was usable. If AdBlock Plus by any chance does not block the ad, then NoScript would have stopped the ad from doing anything unless I have it on my white list.
I dumped IE and switched to Safari for Windows after MS decided to discontinue IE9 for XP. Not all of my machines can be upgraded to Windows 7, certainly not in this economy.
Stop praising IE, it would be better for us and rest of the world! :D
I like the way Microsoft declares the new features of IE for each new version as if they are new innovative things never spotted in other browsers.