One out of 14 download are malware said Microsoft in a blog post. In a blog post Microsoft said "It noted that IE blocks between 2 and 5 million attacks a day for IE8 and IE9 customers through it's browser "Application Reputation Feature".
Application Reputation, a security feature of IE9, not only uses URL-based methods to detect sites that could be hiding malware, but also looks at the file itself and determines if others have downloaded it. A newly created file might not be malware, but it could also be, Jeb Haber, the program manager lead for SmartScreen, noted.
"Using reputation helps protect users from newly released malware programs - pretending to be legitimate software programs - that are not yet detected by existing defense mechanisms," Haber noted. "Reputation also enables IE9 to remove unnecessary warnings for downloads with an established positive reputation. Both publishers and individual applications build reputation. For example, a digitally signed application from a well-known publisher that has been widely downloaded has a better reputation than an unsigned application that has not yet been downloaded widely and has just been posted on a newly created Web site."
"From our experience operating these services at scale, we have found that 1 out of every 14 programs downloaded is later confirmed as malware," Haber said.
In one case, Microsoft said, the company noticed that 99 percent of those that used IE on a newly-released piece of malware chose not to delete or to run the program after IE issued its warning.
Posts
