David Kirkpatrick

February 22, 2010

A tool to stop “drive-by downloads”

If this thing works, everyone ought to use to it.

From the link:

Researchers at SRI International and Georgia Tech are preparing to release a free tool to stop “drive-by” downloads: Internet attacks in which the mere act of visiting a Web site results in the surreptitious installation of malicious software. The new tool, called BLADE (Block All Drive-By Download Exploits), stops downloads that are initiated without the user’s consent.

“When your browser is presented with an [executable file] for download, it’s supposed to prompt you for what to do,” said Phil Porras, SRI’s program director. But software can also be pushed onto an unsuspecting user’s computer without ever asking for permission.

In the fourth quarter of 2009, roughly 5.5 million Web pages contained software designed to foist unwanted installs on visitors, according to Dasient, a firm that helps protect websites from Web-based malware attacks. Such drive-by downloads target computers that are not up-to-date with the latest security patches for common Web browser vulnerabiltiies, or are missing security updates for key browser plug-ins, such as Adobe’s PDF Reader and Flash Player. Attackers use software called exploit packs, which probe the visitor’s browser for known security holes.

1 Comment »

  1. Sounds a great idea. Let me know when it becomes available please.
    Many thanks
    Steve

    Comment by Steve Hal — March 8, 2010 @ 11:24 am


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: