Blocking (Internet Explorer) drive-by malware downloads

Summary: In this image gallery, we take Haute Secure's new Internet Explorer browser add-on for a whirl, looking at its installation and use in real-world examples.


Last week, I wrote about Haute Secure, a new browser toolbar promising to block drive-by exploits from compromising Windows computers.

The company, founded by four former Microsoft employees, has fitted behavior-based profiling algorithms into an Internet Explorer toolbar to identify and intercept malicious files in real-time.

Currently available as a free beta download, Haute Secure offers two levels of color-coded protection -- passive warnings and aggressive blocking.

Click here for an explanation of the technology.

In this image gallery, we take Haute Secure for a whirl, looking at the installation and use of Haute Secure in real-world examples.

Topics: Malware, Browser, Microsoft


Talkback

13 comments
  • lol

    I installed the Haute Security app and then opened zdnet.com. I received an orange warning from Haute Security...

    Content on this site comes from a domain (zedo.com) that was caught launching attacks against unsuspecting users... etc.

    That's interesting.
    Badgered
    • Very

      That's *very interesting*. Following up with Haute Secure.

      _r
      Ryan Naraine
      • Since it's not there today....

        ...I'm guessing it was coming from one of the ads on the page yesterday.
        Badgered
        • Sedo ad

          The guys at Haute Secure explained, via email:

          SNIP:

          Basically, Zedo served an ad laced with malware that went through 4 different referring URLs and eventually dropped a drive-by Trojan on our verification machine: sysfgai.exe which doesn't appear to be stopped by many anti-virus or Spyware products, but we will given our behavioral approach.
          Ryan Naraine
          • In that case

            if the information is correct, I would hope that ZDNet would start to do a better job of scrutinizing(sp) the ads placed on their site.
            Badgered
          • Agree

            Can you get to www.hardwaregeeks.com with HauteSecure installed?

            _r
            Ryan Naraine
          • nope, blocked. <nt>

            .
            Badgered
          • It is interesting...

            ...to see which sites are blocked. One interesting thing that just happened was that I was at surfcontrol.com reading some information... clicked on a link to one of their PDFs and Haute Security blocked AcroRd32.exe because it was doing something "suspicious". Its suspicious activity was trying to access Windows\System32\smss.exe, which should (it seems to me) be a normal activity. Well, it is beta after all.
            Badgered
          • Zedo Block

            For more information on the zedo.com block, please see the post at:
            http://community.hautesecure.com/forums/t/75.aspx

            Thanks,
            Frank Swiderski
            Haute Secure
            fswiderski
  • Unless of course...

    It's not considered malware or spam by Microsoft.

    http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220070157227%22.PGNR.&OS=DN/20070157227&RS=DN/20070157227

    Gotta love those folks from Redmond...it must be an interesting world there...
    Cardinal_Bill
  • Hardware Geeks

    For more details on the Hardware Geeks block, please see the writeup at:
    http://community.hautesecure.com/forums/t/63.aspx

    Thanks,
    Frank Swiderski
    Haute Secure
    fswiderski
    • Good to know, thanks for the info <nt>

      .
      Badgered
  • That suits...

    "Currently available as a free beta download, Haute Secure offers two levels of color-coded
    protection -- passive warnings and aggressive blocking."

    Given it's running on a passive-aggressive operating system, that's very well suited to
    the environment.
    Resuna