Futurecat - Michael Karek

The SmartScreen team just informed me that we’ve reached an amazing milestone – Internet Explorer 8 has blocked 1 billion attempts to download malware!

Socially engineering attacks like malware are a growing threat on the internet and are one of the most common risks to people’s safety online. We introduced malware protection in Internet Explorer 8 as part of the SmartScreen Filter and have talked about it on the Windows Experience Blog a couple of times over the last year.

Here are a couple of quick facts about Internet Explorer and malware as we hit this 1 billion blocks milestone:

• NSS Labs have recognized the Internet Explorer 8 SmartScreen Filter as a leader in protection against Socially Engineered Malware in their August 2009 and March 2010 reports which compared Internet Explorer 8 to Chrome, Firefox and others.
• Our malware block rates continue to improve because we continue to improve the SmartScreen service back-end. For example, in August 2009 we had blocked about 70 million attempts to download malware or about 18 million blocks per month. At the time, according to Net Applications, about 15% of the internet population used Internet Explorer 8. In the last two months, we’ve blocked 100 million attempts to download malware. Last month, according to Net Applications, nearly 26% of the internet population uses Internet Explorer 8. There are 1.7 times more users on Internet Explorer 8 than August 2009 but we’re blocking 5 times more malware month on month.

1 billion malware blocks is an amazing milestone and an example of two things. First socially engineered attacks like malware continue to be a real threat for users on the web. Second, to help keep you safe online your browser needs to continually enhance and improve its service. We have got better and better at blocking malware through the SmartScreen Filter because we have continued to invest in our back end service since we released IE8 in March 2009. It’s this investment that has kept us at the top of the socially engineering malware charts according to NSS Labs and has helped our customers stay safe online.

If you haven’t already upgraded to Internet Explorer 8, now would be a great time to do so at www.microsoft.com/ie . If you’ve already upgraded, you can check that SmartScreen Filter is enabled by going to the Safety Menu and clicking on SmartScreen Filter. If the menu gives you the option to “Turn Off SmartScreen Filter”, the SmartScreen Filter is switched on.

James Pratt, Senior Product Manager

Internet Explorer Business and Marketing Team

Mein Kollege Brandon LeBlanc kündigte heute auf dem Windows Team Blog die Verfügbarkeit der ersten Beta der nächsten Version Microsoft Security Essentials an. Security Essentials bietet Echtzeitschutz für Heim-PCs vor Viren, Spyware und anderer bösartiger…(read more)

Today we are announcing the beta for the next version of Microsoft Security Essentials. Microsoft Security Essentials was first released in September 2009 and is our award-winning no-cost light weight anti-malware service. It’s designed to help address the ongoing security needs of PCs running genuine Windows – helping keep people protected from viruses, spyware, and other malicious software.

New features in the beta of Microsoft Security Essentials include:

Windows Firewall integration – During setup, Microsoft Security Essentials will now ask if you would like to turn the Windows Firewall on or off.

Enhanced protection for web-based threats – Microsoft Security Essentials now integrates with Internet Explorer to provide protection against web-based threats.

New protection engine – The updated anti-malware engine offers enhanced detection and cleanup capabilities with better performance.

Network inspection system* – Protection against network-based exploits is now built in to Microsoft Security Essentials.

* For Windows XP users: Please note that the network inspection system feature will not be enabled on Windows XP. This is because the network inspection system requires the Windows Filtering Platform (WFP) in order to run, and WFP is only available in Windows Vista and Windows 7. However, if you are running Windows XP, you can still use all other beta features. 

To download the beta of Microsoft Security Essentials, click here to visit the Microsoft Connect page to register for the beta. Once completed – you will find the instructions for downloading and installing the beta. We value your feedback – beta participants are encouraged to provide feedback about their experiences with Microsoft Security Essentials through Microsoft Connect. Please note that this is a limited beta available in English (U.S.), Israel, and Brazilian Portuguese (the beta will also be available in China in Simplified Chinese later this year) and is available to genuine Windows users on a first come, first serve basis until the allotted spots for the beta have been reached.

I’ve already commenced with beta testing for Microsoft Security Essentials – I am running it on all my PCs at home!

UPDATE: We are aware that some users are having issues downloading the Microsoft Security Essentials beta after signing into Microsoft Connect and we are working on resolving the issue. In the meantime, you can use the file transfer manager within Microsoft Connect to download the beta files. After logging into the Microsoft Connect site for the Microsoft Security Essentials beta, click ‘Download Microsoft Security Essentials Beta’,  select the version of Microsoft Security Essentials beta that is right for you (32 or 64 bit), and then click the Download button (Download selected file(s) using FTM).

Nach meinem Blogpost zur Verfügbarkeit der Windows 7 und Windows Server 2008 R2 Service Pack 1 (SP1) Beta bekam ich mehrere Nachfragen, ob das auch mit dem Microsoft Hyper-V Server 2008 R2 funktioniert. Ja, die SP1 Beta ist auch für diese Serveredition…(read more)

As part of our larger effort to provide a safer way for children and families to use the web, we spent a lot of time thinking about how to best balance control with simplicity in the new version of Windows Live Family Safety beta. In particular, we understand that parents are facing new challenges around what information their children access over the internet, who they meet, and what kind of conversations they have.

With that in mind, we designed the new Family Safety to help parents empower their children online, while providing simple controls to monitor and protect their children when needed. We’re doing this by focusing on three core areas:

1. Safer social networking
2. Safer searching across all major search engines
3. Safer browsing with enhanced filtering choices

Safer social networking

As a parent of two teenage boys myself, knowing who their online friends are is just as important to me as knowing whose house they’re hanging out at. When my boys were younger, I used Windows Live Family Safety to manage their contact list so that only people I added to their contact list could send them email or instant messages. Now that they are teenagers, they manage their own contact list, but I still use this feature to see their new contacts and ask about their new friend, just as I would about a new friend at school.

Now this is great if your child uses Windows Live Messenger or Hotmail, but what if they use Facebook? Family Safety web filtering settings have the ability to filter out social networking sites. That means, if your children are too young to be on Facebook or other similar sites, it’s easy to block or restrict their access. It’s important to note that your child doesn’t need a Windows Live ID to use Family Safety – all you need is the local Windows account that your child uses.

We’ve also made it easier to allow a small number of websites which you have personally reviewed, so that you’ll know where your children can go and what private data they might be able to share. Although we’ve always had this feature, customers have told us that it hasn’t always been easy to find. In the new Family Safety, we’ve surfaced “Allow list only” at the top level so that you can easily turn it on or off.

Safer searching

Over the past year, we’ve seen most of the popular search engines introduce Safe Search features to help you avoid inappropriate content for both you and your children. The problem is that all of the sites have different ways of turning on the lock, and you might not use the same search engine your children do. If you have web filtering turned on in Family Safety, safe search will be used automatically for many of the popular search engines that have a lock, so that you can rest easy knowing that your children won’t accidently encounter inappropriate content while searching on these search engines. We currently support search engines on Bing, Google, Yahoo, Ask, Yandex, Virgin Media, and Mail.ru.

Safer browsing

Safer browsing is about general web surfing and contains several parts– including web and image filtering, activity reports, and integration with Windows Parental Controls.

Our most frequent piece of feedback is that using a web filter takes too much vigilance and effort on a parent’s part because there are always websites you need to approve before your children can use them. To help with this, we’ve added the Warn on adult content setting for web filtering for older children whom you trust to make the right choices. This way, when your daughter is doing a paper on breast cancer, for example, she can get to any websites which Family Safety may have inaccurately blocked. And whenever she decides to ignore the warning, you will get an email letting you know.

Family Safety works with Windows 7

Windows Parental Controls comes with Windows and allows parents to restrict when the computer can be used and which games and programs can be run. With the new Family Safety, parents can remotely control these settings to make sure that settings are the same on all the computers their children use, and they can view combined activity reports in one location. A parent can set up the rules once on familysafety.live.com, and then the rules get applied to all their computers. This works great if your children use more than one computer or if you want to manage all of your settings from one place.

Images

There’s also a new filter which looks for adult content in images. This is most useful on sites where people can add their own photos. The filter does its best in blocking some of the adult images, while still allowing more appropriate images to surface. When an image is blocked, it gets blurred out, and the Family Safety icon is displayed in a corner of the image. This feature works on newer hardware. Try this out, and leave a comment on the blog to let us know what you think.

Improved activity reports

Since Family Safety works in all browsers, it logs almost all HTTP traffic. In past releases, this has included URLs which your child didn’t actively visit, such as pop up ads. Family Safety now filters these out so that parents will only see sites their children have actively visited.

Below, you can see an example of an activity report that illustrates this improvement. The “Before” screenshot is an activity report using the former version of Family Safety. The URLs outlined in red are advertisements that the child did not actively visit. The “After” screenshot reflects the same activity report using the new Family Safety. The report is a more accurate representation of the child’s activity online because these URLs do not show up.

Before:

After:

Improved performance

When the web filter is turned on, browsing is noticeably faster. Now the page starts loading right away, but the page is not displayed until Family Safety has determined the rating. There’s also a more efficient way to cache the sites you’ve recently visited on the computer so that you don’t have to wait for those sites to be rated again.

Safer ads in Windows Live

A lot of the ads on the internet are inappropriate for children, and we are doing something about it in Windows Live. If you add your child’s Live ID to Family Safety, we won’t show any paid advertisements on live.com websites when your child is logged into Windows Live.

Child-friendly websites

We’ve long had the child-friendly web setting, which lists about 8,000 sites that have been reviewed and determined to be designed for and safe for children of all ages. But that’s a big list! How do you find a specific site quickly and easily? Now you can use Bing to search across all the sites from the children’s page in Family Safety.

In an effort to help keep children safer online, Windows and Windows Live will continue to invest in safer social networking, safer searching, and safer browsing. Please try out the new features and let us know what you think. Also, don’t forget to check out what’s new with Family Safety on the Microsoft on the Issues blog.

- Phil Sohn

Im März hatte ich Erste Informationen zum Service Pack 1 veröffentlicht – heute ist es soweit: Windows 7 und Windows Server 2008 R2 Service Pack 1 (SP1) steht als Betaversion zum Testen zur Verfügung und enthält alle früheren, über Windows Update bereitgestellten…(read more)

I wanted to talk about a new user safety feature we just introduced in Wave 4:

SmartScreen for URLs

This safety feature is another step Windows Live is taking to protect you from socially engineered attacks and account abuse. This abuse is an industry-wide problem, and we’ve seen a significant uptick in these types of attacks within the context of social networks over the past couple years (details in Microsoft SIR V8, p.119). Social networking targeted scams now account for over half of the phishing attacks that SmartScreen filter blocks in Internet Explorer 8. This trend makes sense; internet users are particularly vulnerable within their social networks because messages appear to come from their friends and contacts. There is an implicit trust boundary being exploited. With Windows Live’s deep social connectivity and increased social feed integration in Wave4, we felt it essential to introduce a new protection mechanism for URLs posted in the Live network.

We’ve been working on this problem for a while. The SmartScreen team has worked with several large social networking partners over the past couple years to combat this abuse and has seen success with both our browser filter and simple features within the social network that help users regain context in the midst of a scam. These features disrupt the social engineering attempt.

With these successes in mind, we’re happy to announce the use of SmartScreen on the new Messenger and Windows Live websites, such as profile and photos. When you click a link on one of these sites, the web request is first examined by our SmartScreen service. The service checks the reputation of the link prior to navigation with three potential outcomes:

1. Direct Navigation (Redirection)

If the website has a positive reputation (e.g., has high traffic and no history of hosting any phishing scams or malware) – the user is directly navigated to the destination website. This is the case most of the time – you go directly to the website you chose, with no interruption from SmartScreen at all.

2. Block

If the link points to a known bad website— for example, one that hosts a malware or a phishing scam—the redirection server navigates the user to a red block page.

3. Informational

If the website has very low traffic or has had a history of abuse, you’ll be taken to an informational interstitial page. This page helps establish context and lets you decide how to proceed.

How do these attacks work?

Attackers can breach social networks by compromising a user’s account and subsequently preying on their friends/contacts or by directly tricking users into accepting them into their social circle. A common attack from a compromised friend’s account might say:

"Hey, check out my new video http://somesite“

When you click on the link, you might get a fake login page that looks just like your regular login page, or a site that looks like a video player but that requires a download (which is malware).

This is a common example, but if you live on the internet and use social networking sites regularly, you’ll probably face many variants of these types of attacks. For the typical user, these attacks are very difficult to discern from a normal interaction with their friends and contacts – we click on links all the time, we log in often, and we download files regularly. Leveraging these common behaviors as elements of an attack is social engineering at work. We understand that some users are able to recognize the characteristics of an attack scenario before falling prey, but for the majority of internet users, these subtle and technical cues are impossible to distinguish from their everyday activity. This is why social networks providers, communication software providers, browser makers, and other software providers must put multiple levels of safety in place to keep their users informed and safe.

Given our past experience in the space, we’re convinced that this feature will help protect you from socially engineered attacks and give us a new tool in the fight to keep you safe online. As with all safety mechanisms, this feature is a learning system, and we’re actively studying the data to continue to improve both the experience and the intelligence.

John Scarrow
General Manager – Safety Services

As Brandon mentioned in last week’s post, we’ve started a TV campaign that recreates some notorious internet scams to show how easy it is to fall victim to online attacks. In the first ad we showed real customers giving personal information like their social security number, mother’s maiden name and ATM password to a fake bank to get $500 for opening an account.

The second ad airs tonight during “So You Think You Can Dance” on FOX, 8PM EST. This time, you’ll see customers willing to have a DNA scan and give hair samples.

Enjoy!

James

Every day we use the internet to shop, book travel and do our banking. To do this we share personal information such as our name and address, credit cards numbers and enter our passwords. We need to be able to do this with confidence, knowing that our information is being used only by the company or organization that we intended to share it with.

Many of us know that criminals are increasingly trying to steal our personal information any way they can. Some attempt to install malware on our PCs or phish for our personal information by pretending to be a legitimate organization. We hear about the importance of online security all the time, but if you’re like me, you probably think it couldn’t happen to you. We’re all savvy consumers, right?

We wanted to raise awareness of just how easy it is to fall victim to these risks and to highlight some of the ways that Internet Explorer 8 can help to protect you. That’s what our new advertising campaign, which kicked off tonight during Fox’s Lie to Me (8/7 Central) and Good Guys (9/8 Central), is all about. We thought the most powerful way to do this would be to tell the story through your eyes, our customer. There are countless real people around the world confronted with online scams every day.

To prove just how vulnerable your personal information is, Internet Explorer 8 re-recreated notorious internet scams–live, off the web– in the most street-smart city in world: New York. We used hidden cameras to film reactions of real people. In the first spot we asked people to provide very personal information in order to open a new bank account which would give them a cash reward of $500. We learned that, just as it is online, it can be hard to tell the difference between the scammer and the real thing. We filmed a lot of people and nearly all of them were convinced our “bank” was the real deal.

By the time we got to some of the more outrageous questions, folks started to be suspicious. At that point we revealed the cameras and asked everyone to personally shred the paper on which they’d written their personal information. But, ask yourself, would you have been able to spot the difference straight away?

While consumer vigilance is the most important defense against online scams like this (you can get some great hints and tips here www.microsoft.com/protect ), we can all benefit from a safety net. As a leader in web browsers, we believe it’s our responsibility to help. For example:

Internet Explorer 8 SmartScreen Filter automatically blocks web pages which look suspicious or have been reported as suspicious and warns you of the risks. Every day the SmartScreen Filter blocks 3 million suspicious pages.

Domain Highlighting also reduces risks by clearly identifying the real location of the page you are viewing and helping you check that it really is the page you were expecting and not just one that looks like the real thing.

Internet Explorer 8 also helps protect your privacy with InPrivate Browsing and InPrivate Filtering. InPrivate Filtering in Internet Explorer 8 helps protect your privacy by preventing information about the Web sites that you visit from automatically being shared with other sites.

You’ll see the ads on TV and online beginning tonight, and you can view them at www.ie8protects.com. Finally, we want to say a very big thank you to everyone who took part and was willing to be help raise awareness of this issue.

We were excited to share with you last week a preview of the brand new Hotmail, available starting later this summer. To follow up, we wanted to share a little more detail around some of the security investments we’ve made in the new Hotmail.

Security remains the number one concern of people who use email and a top priority for all Microsoft development efforts, products, and services – Hotmail included.

Among the several security enhancements we made in the new Hotmail, here are a few in particular that we’d like to call out.

Account recovery

The new security platform elements we’ve built up around Hotmail now enable you to use your cell phone or other items as proof of account ownership. For example, if you lose your password, or, worse, if your account gets compromised, we can now send you an account recapture code via SMS to regain access to your account.

Single-use codes

This new security feature is designed to further protect you when you sign in from a public computer, such as those found in internet cafés, airports, and coffee shops. When you request a single-use code, the code is sent via SMS to the phone number associated with your Windows Live ID. It acts as a one-time substitute for your password. By using a single-use code, you won’t have to type your password into a public computer, thereby helping to prevent it from being stolen by key loggers and the like.

Request a single-use code…	…then use the code to sign in to Hotmail

Full-session SSL

In addition to providing SSL encryption at login for all accounts, the new Hotmail will soon support the option to maintain SSL encryption between you and our servers during your entire Hotmail session.

Trusted senders

Hotmail will help you to visually identify trusted senders in your inbox, particularly banks and other institutions commonly used for phishing scams. We put safety logos next to only those senders that we recognize as legitimate so that you can more easily spot malicious imitators.

John Scarrow
General Manager – Safety Services