Το SmartScreen είναι ένα από τα χαρακτηριστικά ασφαλείας που διαθέτει η Microsoft στο πρόγραμμα περιήγησης Edge για να προειδοποιεί για ιστοσελίδες που έχουν επισημανθεί σαν επικίνδυνες. Όμως ένας ερευνητής better safetys discovered a way cybercriminals can use to abuse this feature by delivering false alerts.
Manuel Caballero explains his blog, that Microsoft Edge has a vulnerability that allows ms-appx: and ms-appx-web: two commands that can generate fake warnings similar to those issued by SmartScreen and which could be used in more complex ways.
For example, attackers could use these warnings to persuade their unsuspecting victims to call a phone number from where they would try to steal various information.
SmartScreen is a feature available in both Microsoft Edge and Internet Explore, but this bug has only been proven in Windows 10's default browser.
In essence, SmartScreen is an extremely useful feature that keeps them users safe from websites used to spread malware.
Microsoft currently has no solution to the problem and is probably preparing to fix it in the next updates. At present, the defect exists and has already been reported to the general public. For this, be very careful when browsing Edge, until Microsoft decides to fix it.
Φυσικά μπορείτε πάντα να χρησιμοποιήσετε κάποιον άλλο browser που θα σας προσφέρει περισσότερη ασφάλεια (βλέπε Firefox και Google Chrome).
https://www.brokenbrowser.com/spoof-addressbar-malware/