The guys and girls over at Microsoft Research have been busy working away on a new prototype framework for Internet Explorer, called BrowserShield, which promises to allow IE to intercept and remove, on the fly, malicious code hidden on Web pages, instead showing users safe equivalents of those pages.
According to the article over at eWeek,"The BrowserShield project—the brainchild of Helen Wang, a project leader in Microsoft Research's Systems & Networking Research Group, and an outgrowth of the company's Shield initiative to block network worms—could one day even become Microsoft's answer to zero-day browser exploits such as the WMF (Windows Metafile) attack that spread like wildfire in December 2005"
And this technology can provide an extra layer of security, even on other browsers, perhaps in the form of a BrowserShield-enabled toolbar, helping to protect the millions of web-surfers out there from themselves. Essentially, BrowserShield is "tool for deleting embedded scripts before a Web page is displayed on a browser" which can inspect both static and dynamic content, rewriting HTML code, on the fly, to deny any attempt to execute harmful code on browsers.
"BrowserShield is one of many security-related projects coming out of Microsoft Research. The research unit's Cyber-security and Systems Management group has found success with a project called Strider HoneyMonkey that trawls the Internet looking for Web sites hosting malicious code. Microsoft Research also has worked on a tool called Strider URL Tracer that looks for large-scale typo squatters; Strider GhostBuster, a rootkit scanner that looks for stealthy forms of malware; Strider Search Defender, a project that pinpoints search engine spammers; and Strider Gatekeeper, a spyware management utility"
Make sure you have a read of the full article, over at eWeek and this article on Microsoft Research for further information. Go-Do!
PingBack from http://rodolfo.clearviewlearning.info/hiddenpromises.html