One of the most frustrating security-related problems we deal with is users who install (or unknowingly end up...
with) all sorts of Web browser toolbars, which at best slow down machines and at worst open the door to malware. Short of installing draconian application whitelisting measures, what’s the easiest (and cheapest) way to keep browser toolbars off of users’ machines?
You are not alone in your frustration at the myriad of browser toolbars that suddenly appear on users’ machines. Many toolbars earn their revenue by delivering targeted advertising to the user, often via pop-up ads. Some change browser settings and monitor and report to their control servers on the sites a user visits, often without the user's knowledge or consent. Also, as attacks against Windows and Internet Explorer are becoming more difficult, hackers are turning to automating attacks against third-party browser plug-ins and other non-Microsoft applications. It’s difficult for firewalls to block browser extensions because they're integrated into the Web browser itself.
Interestingly, Mozilla announced in January 2011 it will be blocking the Skype toolbar add-on, which comes bundled with the Skype client, in all versions of its Firefox browser. Mozilla claims the current version of the Skype Toolbar is one of the top causes of crashes of Mozilla Firefox 3.6.13 and can potentially slow down the rendering of regular webpages.
If your organization uses Internet Explorer, you can use Group Policies to lock down certain IE features to improve performance and security. There are various settings you can configure to restrict which add-ons may be installed or run:
- Allow third-party browser extensions;
- Deny all add-ons unless specifically allowed in the Add-on List;
- Do not allow users to enable or disable add-ons.
To uninstall an existing toolbar from Internet Explorer, you need to use the Add or Remove Programs applet, while in Firefox you need to use the Extensions Manager. Adware toolbars can also be removed by running an adware removal tool such as XoftSpySE Anti-Spyware, which can remove unwanted browser add-ons as well as disable unwanted programs from launching at start-up.
Related Q&A from Michael Cobb
Expert Michael Cobb explains how an HTTP referer header affects user privacy and outlines changes that can be made to ensure sensitive data is not ...continue reading
Expert Michael Cobb explains the difference between the REESSE3+ and IDEA block ciphers and explores when each is applicable in an enterprise setting.continue reading
While cookies are critical to delivering personalized Web content, they are a privacy concern. Learn how adding Bloom filters to cookies can help ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.