Tuesday, February 23, 2010

Block all Drive-By Download Exploits

In the interest of arming students with tools and techniques to protect themselves from malicious software, I'd like to discuss the imminent arrival of BLADE - short for Block all Drive-By Download Exploits.

BLADE appears to be similar to Sandboxie - another tool I've discussed in the past. Phil Porras, a Program Director for the project from SRI International, states that BLADE acts as a sandbox for the browser and prevents malware from being written to the hard drive.

Although the BLADE project team has not yet released the tool, it has published interesting statistics gathered during the testing of the software. To date, BLADE has tested 5579 Drive-By Exploits from 1318 unique malicious URLs. According to these statistics, users running Microsoft Internet Explorer were successfully compromised 43.9% of the time.

Further, the Adobe Reader plug-in was successfully compromised 56.8% of the time.
The most disconcerting statistic is that Anti-Virus software failed to detect 72.8% of these exploits.
