Windows SmartScreen filter, Download Reputation, XSS Security features

Microsoft has introduced the SmartScreen feature which has over time delivered over a billion blocks to potentially dangerous downloads. To help better protect consumers from malware in Internet Explorer, Microsoft has introduced a rating called Download Reputation. SmartScreen Application or Download Reputation in IE will help users distinguish between well-known downloads and those that are a higher risk to their computers.

smartscreen

Windows SmartScreen or Download Reputation

Internet Explorer provides the first download manager with integrated SmartScreen malware protection and introduces SmartScreen download reputation. SmartScreen Download Reputation is a groundbreaking browser feature that uses reputation data to remove unnecessary warnings for well-known files, and show more severe warnings when the download has a higher risk of being malicious.

The feature has now been improved upon and enhanced in Internet Explorer. The SmartScreen Filter now dynamically determines, whether a website is dangerous or not, by pinging remote servers each time a user tries to reach a web page.

The feature thus warns users if they visit a known or a suspected website and then prevent any downloads from that site or prevent the site from injecting malicious code.

SmartScreen’s malware protection focuses on identifying and blocking sites on the web that are distributing malicious software.  As a reputation-based feature, SmartScreen can block new threats from existing malicious sites, even if those threats are not yet blocked by traditional anti-virus or anti-malware signatures.  In this way, the SmartScreen filter complements traditional anti-virus products by providing additional dimensions for both identification and protection.  For comprehensive protection from malware, we highly recommend that users also install traditional anti-virus products and keep them up to date.

Read: Enable or Disable SmartScreen Filter in Internet Explorer

Users today are often conditioned to ignore generic warnings that are shown for every download. Other browsers show the same warning whether a file is an extremely common program or a piece of malware created literally minutes ago.

Advt

^

Internet Explorer is the only browser that uses download reputation to help users make safety decisions. SmartScreen Download Reputation allows IE to remove warnings for commonly downloaded programs and show actionable warnings for programs that are higher risk.

In IE Download Manager you’ll see, there’s a clear warning for the higher risk program, and there’s no warning at all for the well-known program. You may see messages like:

This program could harm your computer

This program is not commonly downloaded and could harm

With SmartScreen Download Reputation in IE, consumers can then make better safety decisions. More on this at Microsoft.

Microsoft has also provided this Application Reputationcapability to all Windows users. When this opt-in feature is enabled, an Application Reputation check is made on the first launch for programs that are downloaded from the internet. Windows SmartScreen will notify users if they are about to run a program that has not yet established reputation and therefore is a higher risk program. For programs or publishers with an established reputation, the experience is simple and clean: Click and Run.

This message disrupts the social engineering aspect of an attack and allows the user to make a more informed trust decision.

When Windows SmartScreen is enabled in Windows 10/8, Internet Explorer 11/10 integrates seamlessly with the Windows SmartScreen experience.

Read: SmartScreen filter warning messages explained.

XSS Security feature in Internet Explorer

Internet Explorer now is more secure! Among its new or enhanced security features is XSS or Cross-site scripting protection.

XSS or Cross-site scripting is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users.

By default, this feature is enabled in IE. When the filter discovers a likely XSS in a cross-site request, it first identifies & then neuters the attack, if it is replayed in the server’s response.

You might want to read these posts too:

  1. Enable or Disable SmartScreen Filter in Internet Explorer
  2. How to bypass SmartScreen filter and download files
  3. Prevent bypassing of SmartScreen filter warnings.
Posted by on , in Category IE with Tags
Anand Khanse is the Admin of TheWindowsClub.com and a 10-year Microsoft MVP Awardee in Windows for the period 2006-16. Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.