Microsoft has said that the problem of user-downloaded malware is snow-balling into a "huge" one with social-engineered attacks becoming more common than attacks on security vulnerabilities. It added that the new SmartScreen Application Reputation for IE9 can protect users from such risks.
Social-engineering attacks typically trick users into running malicious programs on their computers.
Microsoft said that 1-out-of-every-14 programs downloaded is later confirmed as malware.
The company said that Application Reputation — a natural extension of current protections — in IE9 helps protect users from the socially engineered malware attacks.
In its Windows Internet Explorer Weblog, the company said that the SmartScreen Filter, its Web browsers blocks around five million attacks everyday for IE8 and IE9 users.
It said, "Through the SmartScreen Filter, IE has been effective at blocking socially engineered malware attacks and malicious downloads…Since the release of IE8, SmartScreen has blocked more than 1.5 billion attempted malware attacks."
The most popular ways of tricking users are offers of free movie downloads, fake virus alerts and emoticons downloads.
The company said that URL-based protection from socially engineered malware attacks is an important layer of defence, which the new layer of SmartScreen Filter in IE9, "SmartScreen Application Reputation," makes use of.
The protection works by taking into account the reputation that applications and publishers build from actual customers.
The company said, "IE9 uses an application’s reputation to warn customers about downloads that carry a higher risk because they have not yet established a reputation. More than 50% of programs lacking a reputation are new to the Web on a given day. On a daily basis, 25% to 70% of programs that trigger an Application Reputation warning in IE9 are later confirmed as malware."
"Programs and publishers that have already built reputation do not show a warning."
