This past week the Internet Explorer team blogged about this feature in the IE9 Beta and let everyone know that it was available and could be activated on their IE9 Beta installs.
You can experience the protection of the SmartScreen application reputation service yourself by ensuring SmartScreen is enabled. Just click the Tools Button | Safety | Turn on SmartScreen Filter menu item, then choose Turn on SmartScreen Filter in the following dialog.
SmartScreen is not a new feature for IE. In fact, it is present in IE8 but the implementation in IE9 is different to help further highlight the risks downloading files could have.
In the course of daily browsing, many consumers see warnings that say "This type of file may harm your computer" when downloading files. This warning may be accurate in some sense, but it is not helpful or relevant for the vast majority of internet downloads. Most consumers are accustomed to just ignoring this warning since it is shown when downloading almost any file from the web.
With IE9 we looked at ways to improve our malware protection overall and the experience consumers have with downloads. We had two primary goals in mind to help consumers make better trust decisions when downloading programs from the web:
- Show more useful warnings when a program is a higher risk
- Reduce the number of generic, unhelpful warnings consumers see when downloading programs
In analyzing software downloads actively in use on the internet today, we found that most have an established download footprint and no history of malware. This was the genesis of SmartScreen application reputation. By removing unnecessary warnings, the remaining warnings become relevant.
With SmartScreen Application Reputation, IE9 warns you before you run or save a higher risk program that may be an attempt to infect your computer with socially engineered malware. IE9 also stays out of the way for downloads with an established reputation. Based on real-world data we estimate that this new warning will be seen only 2-3 times a year for most consumers compared to today where there is a warning for every software download.
Curious why we need another feature like this? Isn’t there enough things out there already that protect us from these types of threats?
The key challenge with malware on the internet is that attacks are fast moving and quick to change. The importance of application reputation is as an early warning system. There is latency between the outbreak of an attack and when it is detected and blocked. Consumers today are unprotected during that time. Think of this new warning as “stranger danger” – it’s an early warning system for undetected malware. No antivirus or protection technology is perfect; it takes time to identify and block malicious sites and applications. Blocking after detection is still an important strategy, but there remains a gap between the start of an attack and when it is detected and blocked. IE9 SmartScreen application reputation fills that gap.