Watch out for Microsoft Edge's SmartScreen

SmartScreen is one of Microsoft's security features in the Edge browser to warn about websites that have been flagged as dangerous. But a security researcher has discovered a way that cyber criminals can use to abuse this possibility by delivering false warnings.

Manuel Caballero explains his blog, that Microsoft Edge has a vulnerability that allows ms-appx: and ms-appx-web: two commands that can generate fake warnings similar to those issued by SmartScreen and which could be used in more complex ways.smartscreen

For example, attackers could use these warnings to persuade their unsuspecting victims to call a phone number from where they would try to steal various information.

SmartScreen is a feature that is available on both Microsoft Edge and Internet Explorer, but this bug has only been proven in the default Windows 10 browser.

In essence, SmartScreen is an extremely useful feature that keeps users safe from websites that are used to spread malware.

Microsoft currently has no solution to the problem and is probably preparing to fix it in the next updates. At present, the defect exists and has already been reported to the general public. For this, be very careful when browsing Edge, until Microsoft decides to fix it.

Of course, you can always use another browser that offers more security (see Firefox and Google Chrome).

https://www.brokenbrowser.com/spoof-addressbar-malware/

iGuRu.gr The Best Technology Site in Greeceggns

Get the best viral stories straight into your inbox!















Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).