CYBER NEWS

Adware and Browser Modifiers with Changed Detection by Microsoft

Microsoft-Oct-2014As PC users, we are doing everything in the web browsers and this would have been wonderful if the cyber attackers, advertisers and scammers have not been trying to get their code in the browsers that we use. This is usually done in various ways, mainly through browser objects and extensions that are able to modify the browser settings and in this way to prevent the users from making changes of their own.

The browser vendors detected that some of the extensions are adware and thus, stop them from unwanted actions execution. Many of the browsers disable the new extensions until renewed launching of the browser. Then, they ask the user if he wants to run that extension or not. Now Microsoft is changing the way in which it detects the extensions’ unwanted behavior. This will be applied not only in Internet Explorer but also in all browsers that are running on Windows and is done in order to prevent the extensions from bypassing dialogs that are intended to allow users choose whether to install or run the extensions.

Geoff McDonald of Microsoft informed that some of the technical methods that are used by the bypasses include Group Policy settings and registry changes, as well as file preferences modifications. When the user is installing an extension into the browser, the browser consent dialog should be prompted. Otherwise, the application will be accepted as a browser modifier by the security products. There are certain extensions and applications that prevent the user from altering the settings of the browser or change back the settings that are modified by the user. This should not be so.

The unwanted programs and extensions find it difficult to hide their intentions. They try to pose as different kinds of applications and to make various background changes. In certain occasions, the browser extensions are also applying these techniques. The officials from Microsoft informed that these deceptive techniques will result in extensions that will be classified as adware.

The Microsoft specialists have seen different programs that change or replace certain hyperlinks with different URLs than those used by the website owner. Often the hyperlink is totally misrepresented and sends the users to a different webpage than the one they expected to find. For example, a case of misrepresentation is a hyperlink that directs the user to an advertisement before this user can view the intended webpage. This behavior will qualify a certain program as adware.

Avatar

Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...