The latest version of Microsoft’s Internet Explorer promises to make it harder for malicious hackers to push dodgy Web applications onto end user systems, with a new Application Reputation filter.
In its latest post on the Internet Explorer Weblog, the company details the ways in which IE 9 and its new SmartScreen Application Reputation mechanism protect users against socially engineered attacks. The new filter uses URL and application reputation ratings to preempt the installation of malicious or suspicious apps. Microsoft says the new feature will reduce the impact of social engineering attacks.
IE 8 and 9 both use a filter called SmartScreen that protects against malware and phishing attacks. SmartScreen Application Reputation adds a new layer to those filters, employing URL and application reputation lists to weed out malicious applications.
The goal is to reduce the number of warning prompts that IE generates when installing new applications. Research suggests that users quickly become desensitized to such warnings and ignore them. The SmartScreen Application Reputation filter is designed to allow legitimate applications to install seamlessly, and to limit warnings to only those downloads that actually represent a genuine threat.
Thus far, Microsoft's research has shown that the new warning system is very effective. Ninety percent of IE9 Beta and RC users were never shown a warning because they downloaded only reputable programs. Between 20% and 40% of downloaded files that do not have an established reputation are eventually classified as malicious. These are malware downloads that have managed to bypass all existing solutions and would likely be run by users if not warned. 95% of previously undetected malware is deleted by users when presented with the Application Reputation warning.
Early release candidates of IE9 have revealed other innovative security features. A new privacy technology called Tracking Protection makes it easier for users to prevent sites from tracking their movements online. A new ActiveX Filter allows users to turn off ActiveX controls globally, or to do so on a more granular basis.