Real-World Protection With IE8’s SmartScreen Filter™

IEBlog

Windows Internet Explorer Engineering Team Blog

Real-World Protection With IE8’s SmartScreen Filter™

Back in March, I posted a note to the IEBlog when the pre-release version of IE8’s SmartScreen Filter had delivered its 10 millionth malware block. Today, I’m happy to report that IE8’s SmartScreen Filter has delivered more than 70 million blocks in the first four months since IE8’s official release, for a cumulative total of 80 million blocks. This data is a strong indication of the value of the protection SmartScreen provides, and of just how widespread socially-engineered malware attacks are on the web today.

While we were proud of the work that went into SmartScreen leading up to IE8’s release, we knew that it was only the beginning of our efforts. Microsoft’s commitment to Trustworthy Browsing didn’t end when we signed off on the final IE8 code-- the reputation services behind SmartScreen represent an ongoing investment that we strive to improve every day.  

Eighty million blocks is an incredible number of attacks thwarted-- each malicious download blocked helps prevent compromise of that user’s computer.  The other key numbers that I announced in March are holding strong, even with a rapidly expanding user base:

  • IE8 is delivering a malware block for approximately 1 out of 40 users every week
  • Approximately 1 of every 200 downloads is blocked as malicious

If you’re not running IE8’s SmartScreen Filter, I believe you are missing a key piece of protection to help ensure your safety on the Internet. IE8 users can ensure that SmartScreen is enabled by clicking on the toolbar's Safety button (or Safety button on the IE command bar if you're in Show Only Icons mode) and examining the SmartScreen Filter submenu. If a “Turn on SmartScreen Filter” item is present, click it to enable protection.

Malware Block Effectiveness

Heading into the launch of IE8, the engineering team commissioned an independent study of SmartScreen Filter by NSS Labs.  Our objective was to gather an accurate and independent baseline measurement of SmartScreen’s protection against socially engineered malware attacks.  That baseline, run against the IE8 Release Candidate, allows us to validate our investments in improved intelligence and technology. Since then, we’ve made major investments in malware intelligence and rapid response systems to provide an ever-increasing level of protection for users.

NSS Labs has just completed a second round of studies on socially engineered malware attacks, and I’m happy to share the results. In this latest test pass, NSS found a 12% improvement in SmartScreen’s protection levels. Here’s the data from NSS Labs on the malware block rate for major browsers:

Table, Mean Block Rate: Socially Engineered Malware

Microsoft’s reputation services team has other significant investments staged to launch in the next quarter, so I expect even better results in the near future.

Phishing Block Effectiveness

We’ve spent quite a bit of time talking about the socially engineered malware threat because it is currently the biggest problem users face.  However, phishing remains a prevalent and important threat to users as well.  We’re continuously making improvements to our data sources and intelligence systems that deliver phishing protection.  This continuous investment keeps IE in the market-leading position it established with the release of the Phishing Filter in IE7. Since then, Internet Explorer 7 and 8 have blocked over 125 million phishing attacks.

The newest NSS study included a test pass for phishing blocks. NSS Labs reported the following block rate for major browsers:

Table, Mean Block Rate for Phishing

You can view the full NSS study at http://nsslabs.com/browser-security.

I hope that the internal data I’ve shared today and the results of the NSS testing are a clear indicator of our commitment to Trustworthy Browsing, and our ongoing execution against that promise.

Thanks,
-Eric Lawrence

  • Loading...