MSE Saves the Day

Jan 26, 2010

Last night, while surfing around for some medical information, one of the sites I stumbled upon through Google's search results tried to install a Trojan on my computer! This was surprising, seeing as I was using Firefox 3.6 with AdBlock turned on. Thankfully, Microsoft Security Essentials saved the day, alerting me to the fact that a nefarious application was trying to install itself. The tool caught the incursion, alerted me, and successfully removed it from my system. I then did a full scan and it found no other problems.

I've read that drive-by attacks like this are becoming more common, but until now I hadn't ever been affected. Several of my plug-ins were outdated, so I updated them, though I'm not certain any of them were involved in this attack (Java never loaded, and there was no embedded media on the site).

That being said, make sure to surf with protection; there's some nasty stuff out there.

2 Comments

kip

8:38 PM on Jan 26, 2010
But, had MSE not been present, would you really have gotten any kind of virus just from viewing a website? If so, how? Your web browser just renders the content it is given, but doesn't execute any downloaded code. Even with Flash and Java, those plugins run in their own security sandbox, in isolation from your system. If there is a security hole in one of those layers then something bad could happen, but usually such security holes are very short-lived, especially if you're not using Internet Explorer.

Jonah

9:35 PM on Jan 26, 2010
You ask a good question. I'm not sure I would have been infected, but I'd much rather be safe than sorry. I have seen proof-of-concept attacks before where, even with Firefox, arbitrary code could be executed (I once tried an example that started the Calculator app in Windows). Mozilla is clearly good at providing fixes quickly, but in the world of malicious code, it's essentially an arms race. I thought that only Chrome ran plug-ins in a sandbox environment. I'm pretty sure Firefox allows (some level of) arbitrary access to the system. Flash security holes are pretty common, hence the "NoScript" extension. None of the Flash security advisories that I've seen mentioned that it only worked in IE; I think everyone is affected if your version of Flash is downlevel. One more reason why the plug-in checker is so handy in FF 3.6.
