One of the most frustrating security-related problems we deal with is users who install (or unknowingly end up with) all sorts of Web browser toolbars, which at best slow down machines and at worst open the door to malware. Short of installing draconian application whitelisting measures, what’s the easiest (and cheapest) way to keep browser toolbars off of users’ machines?
You are not alone in your frustration at the myriad of browser toolbars that suddenly appear on users’ machines. Many toolbars earn their revenue by delivering targeted advertising to the user, often via pop-up ads. Some change browser settings and monitor and report to their control servers on the sites a user visits, often without the user's knowledge or consent. Also, as attacks against Windows and Internet Explorer are becoming more difficult, hackers are turning to automating attacks against third-party browser plug-ins and other non-Microsoft applications. It’s difficult for firewalls to block browser extensions because they're integrated into the Web browser itself.
Interestingly, Mozilla announced in January 2011 it will be blocking the Skype toolbar add-on, which comes bundled with the Skype client, in all versions of its Firefox browser. Mozilla claims the current version of the Skype Toolbar is one of the top causes of crashes of Mozilla Firefox 3.6.13 and can potentially slow down the rendering of regular webpages.
If your organization uses Internet Explorer, you can use Group Policies to lock down certain IE features to improve performance and security. There are various settings you can configure to restrict which add-ons may be installed or run:
- Allow third-party browser extensions;
- Deny all add-ons unless specifically allowed in the Add-on List;
- Do not allow users to enable or disable add-ons.
To uninstall an existing toolbar from Internet Explorer, you need to use the Add or Remove Programs applet, while in Firefox you need to use the Extensions Manager. Adware toolbars can also be removed by running an adware removal tool such as XoftSpySE Anti-Spyware, which can remove unwanted browser add-ons as well as disable unwanted programs from launching at start-up.
This was first published in October 2011