IE8 SmartScreen filter racks up a billion malware blocks

26 Jul, 2010

Microsoft's malware defence system for Internet Explorer is not only protecting its users from online threats, but is getting better at doing it too, the company has revealed.

Internet Explorer 8 and its SmartScreen filter have blocked a billion attempts to download malware to users' PCs, according to Microsoft.

SmartScreen is a feature in IE8 that checks websites the browser is attempting to access against a whitelist of known safe sites, and even if the user goes ahead to visit the suspicious site, will still stop any files from the site from being downloaded.

The significance of the milestone, according to Microsoft product manager James Pratt, is not simply in the number of threats Microsoft has managed to block, but also in how quickly it has come up. “We have got better and better at blocking malware through the SmartScreen Filter because we have continued to invest in our back end service,” Pratt wrote in a company blog.

The filter examines URLs and the servers hosting them against its whitelist. If it detects a server known to host malicious content, it will display a warning that navigating to the site is potentially dangerous, giving the user the option to continue or return to their home page directly.

The filter first went live in March 2009, and according to Pratt by August had blocked around 70 million malware requests – an average of about 18 million per month. Fast forward a year and 100 million attemps to download malware have been blocked in the past two months alone.

Of course, the browser's user numbers have also increased in that time, but once that has been factored in, the filter is still blocking nearly three times as much malware per user than a year ago, Microsoft claims.

Earlier this year, security software firm Kaspersky revealed that the number of malware threats online appeared to be levelling off, but that they were growing in sophistication. This view was backed up by a Websense report revealing that 71 per cent of malware discovered in the second half of 2009 was found being hosted by otherwise trustworthy sites.