Join the best erotica focused adult social network now
Login

Drive-by Downloads

last reply
1 reply
824 views
0 watchers
0 likes
Lurker
0 likes
One of the tasks at my job involves net security, and I found this article fascinating. I want all of my friends aware of two things to watch out for.
If you think that just installing virus protection and not clicking attachments will keep you safe, read this article. It's a blog entry from Symantec. He starts out with some sarcasm:

It is so great to now have the opportunity to choose how to receive your adware. In the past, drive-by downloads were targeted exclusively towards Internet Explorer (IE) users and indeed, many people changed to Firefox or Safari browsers specifically because of this fact. But now you can choose which browser you want to use to be hit with your least favourite adware!

When people contemplated moving from IE to Firefox, it didn’t matter if Firefox was measurably safer than IE or not, the simple fact that the bad guys weren’t targeting it made it far more secure in practice. Those heydays have long since disappeared. In the Symantec labs we still see a greater number of drive-by downloads solely targeting IE; however, we often see sites that will detect which browser you are using and then serve you your specific poison. Moreover, there have been several vulnerabilities discovered that can affect applications that are common across all Internet browsers (such as those that target flash players or Windows Media Player). These types of vulnerabilities can allow exploits to succeed no matter which browser you are using.

True drive-by download pages require no user interaction other than just visiting the page, and the goal is usually to install adware, spyware, diallers, rogue anti-spyware, or any combination of these and more. The WMF vulnerability is the attack vector of choice for drive-by downloads at the moment; however, it can only be considered a true drive-by download vector in IE, since other browsers (such as Firefox and Opera) prompt the users for their input on how to handle .wmf files.


(See another reason why I use Firefox?)

Here's the whole article:

https://forums.symantec.com/syment/blog/article?message.uid=306434

Second, watch out for those popups or pages that say they've scanned your computer and you've got a lot of infections or viruses! It's fake, a misleading advertisement to get you to install their spyware software. I'll show you just one example of many of these out there:

http://www.symantec.com/norton/security_response/writeup.jsp?docid=2008-082610-4202-99&tabid=2

To sum it up, there is rogue anti-spyware out there, so avoid it.