Q

Drive-by virus: How to prevent drive-by download malware

There are several security strategies enterprises can implement to prevent drive-by download malware infections. Get tips in this expert response.

Some of our users fell prey to recent drive-by attacks. What are the best strategies for preventing drive-by attacks? Are some browsers better at doing so than others? Are there browser add-ons we could implement to mitigate the threat?

A drive-by download attack on IE8 and below was patched, and enterprises should already have a plan in place for comprehensive patching to ensure browsers and all of the software on a system is updated. If you have software or applications that require older versions of IE, you can implement other security controls to prevent drive-by attacks. You will need to determine which controls best fit in your environment and block the most common attacks you see.

One additional security control for preventing a drive-by virus infection is using different Web browsers, and only using vulnerable versions of IE on the specific applications that require it. General purpose Web browsing could be done using an alternative Web browser like Firefox, Chrome, Opera, etc. All of these browsers usually have different security vulnerabilities than IE, and will also require periodic security updates. If you use an alternative Web browser, it should be included in your security plans. These browsers are typically updated faster and more frequently than IE, which helps reduce the risk from unpatched vulnerabilities.

For individually managed systems, using a Web browser that is self-updating or notifies you when an update is necessary ensures patches are applied. Enterprises may need to evaluate if this meets their security requirements, but automated rapid updates with security patches will help improve security with, generally, a minimum impact on functionality.

Using browser add-ons could also reduce the risk. Add-ons like NoScript for Firefox, which allow better control of Java, Javascript, Flash and other mobile code, can help reduce the risk of malware. Adblockers for Firefox could also be used to block malicious ads. There are other tools that run browsers in virtual machines or with limited privileges that could reduce the risk from drive-by attacks. However, remember that just as alternative Web browsers require security updates, add-ons also require maintenance.

This was first published in October 2011

Dig deeper on Web Application and Web 2.0 Threats

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close