Microsoft announced on Wednesday that SmartScreen now also protects users from drive-by attacks in Microsoft Edge and Internet Explorer 11. Microsoft SmartScreen has been around for years as a tool to protect users from phishing attacks and malware downloads. The feature uses URL reputation checks and Application Reputation protection to help people avoid web-based attacks. SmartScreen has also come to include warnings for deceptive ads and support scam sites.
In most cases, a drive-by attack gets users to leave a trusted (but compromised) site and go to a malicious page. At this second page, an “exploit kit” will scan the user’s PC for vulnerabilities in other programs (common offenders are Flash, Java or Word) and will take advantage where issues haven’t yet been patched. Microsoft says that the newer problem is how fast these exploit kits are moving to take advantage of new vulnerabilities. They say that this year there have been five cases where exploit kits attacked vulnerabilities on the same day that the patch arrived, and possibly before users secured their software.
SmartScreen will defend against these drive-by attacks before the page loads. And to sidestep causing browser performance to diminish, SmartScreen will create a small (and periodically updated) cache file filled with information about emerging threats. If you land on a potentially malicious page, SmartScreen will load a red warning page and the content won’t render in Edge or Internet Explorer 11 on Windows 10.