Microsoft has introduced the SmartScreen feature which has over time delivered over a billion blocks to potentially dangerous downloads. To help better protect consumers from malware in Internet Explorer, Microsoft has introduced a rating called Download Reputation. SmartScreen Application or Download Reputation in IE will help users distinguish between well-known downloads and those that are a higher risk to their computers.
Windows SmartScreen or Download Reputation
Internet Explorer provides the first download manager with integrated SmartScreen malware protection and introduces SmartScreen download reputation. SmartScreen Download Reputation is a groundbreaking browser feature that uses reputation data to remove unnecessary warnings for well-known files, and show more severe warnings when the download has a higher risk of being malicious.
The feature has now been improved upon and enhanced in Internet Explorer. The SmartScreen Filter now dynamically determines, whether a website is dangerous or not, by pinging remote servers each time a user tries to reach a web page.
The feature thus warns users if they visit a known or a suspected website and then prevent any downloads from that site or prevent the site from injecting malicious code.
SmartScreen’s malware protection focuses on identifying and blocking sites on the web that are distributing malicious software. As a reputation-based feature, SmartScreen can block new threats from existing malicious sites, even if those threats are not yet blocked by traditional anti-virus or anti-malware signatures. In this way, the SmartScreen filter complements traditional anti-virus products by providing additional dimensions for both identification and protection. For comprehensive protection from malware, we highly recommend that users also install traditional anti-virus products and keep them up to date.
Users today are often conditioned to ignore generic warnings that are shown for every download. Other browsers show the same warning whether a file is an extremely common program or a piece of malware created literally minutes ago.
Internet Explorer is the only browser that uses download reputation to help users make safety decisions. SmartScreen Download Reputation allows IE to remove warnings for commonly downloaded programs and show actionable warnings for programs that are higher risk.
In IE Download Manager you’ll see, there’s a clear warning for the higher risk program, and there’s no warning at all for the well-known program. You may see messages like:
This program could harm your computer
This program is not commonly downloaded and could harm
With SmartScreen Download Reputation in IE, consumers can then make better safety decisions.
Microsoft has also provided this Application Reputationcapability to all Windows users. When this opt-in feature is enabled, an Application Reputation check is made on the first launch for programs that are downloaded from the internet. Windows SmartScreen will notify users if they are about to run a program that has not yet established reputation and therefore is a higher risk program. For programs or publishers with an established reputation, the experience is simple and clean: Click and Run.
This message disrupts the social engineering aspect of an attack and allows the user to make a more informed trust decision.
When Windows SmartScreen is enabled in Windows 10/8, Internet Explorer 11/10 integrates seamlessly with the Windows SmartScreen experience.
Read: SmartScreen filter warning messages explained.
XSS Security feature in Internet Explorer
Internet Explorer now is more secure! Among its new or enhanced security features is XSS or Cross-site scripting protection.
XSS or Cross-site scripting is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users.
By default, this feature is enabled in IE. When the filter discovers a likely XSS in a cross-site request, it first identifies & then neuters the attack, if it is replayed in the server’s response.
You might want to read these posts too: