Choice of browsers could be double-edged sword
by Steve Ragan - Feb 23 2010, 15:40
A full scale roll-out of a new Windows update, set to begin around March 1, will allow Internet Explorer users in Europe to select something other than Microsoft’s built-in Web experience. At the same time, this deployment strategy could come back to bite some users.
The European Commission and Microsoft reached an agreement back in December on a number of issues, one of them being the use of various browsers on the Windows operating system. As a result, Microsoft has agreed not only to allow the installation of other Web browsers on the Windows platform, but they will list each option in a popup window, allowing the user to select and install the browser of choice from a single location.
The options, including Chrome, Opera, Safari, Firefox, and the ability to keep Internet Explorer, are all presented in random order. The installation dialogue will be delivered as a Windows Update download to everyone in the EU using Windows XP, Windows Vista and Windows 7.
The potential issues stem from the deployment method. While the browser selection option is for EU users alone, the potential to see this display abused as a method to deliver Rogue anti-Virus applications is present. Criminals could easily construct a website or popup that mirrors the one Microsoft has developed, cloning it to offer “security products” or link users to malicious sites.
“With possibly millions of people seeing the legitimate browser choice screen, it's easy to imagine that anyone querying a similar-looking pop-up on their screen could be batted off with a hasty ‘Yes yes, it's legitimate… we're all seeing it’,” said Graham Cluley on Friday, mirroring our sentiments exactly.
As it stands now, most Rogue anti-Virus applications start from a page that warns you of potential threats to your system. Often they will show you personal details by using JavaScript on the website, detailing IP addresses, browsing history, and a list of Malware names, as proof that there is an infection or security risk. While most of you reading this scoff at those attempts, millions more panic or attempt to escape the site and click OK, often resulting in a download or infection.
Adding another popup to the mix would cause no problems for the criminals pushing the Rogue anti-Virus, and a preselected field of millions of potential victims, considering the size of the EU, is a tempting target. After that has run its course, it could be added to the rotation within the affiliate programs running the Rogue anti-Virus scams, opening the potential mark list to the entire Web.
Testing in the U.K., Belgium, and France starts next week, Microsoft said. During the test, users will get a prompt to download and install the browser selection update. After that, Windows Update will pass on the new installation starting March 1, and progressing throughout the week.
Use caution when you see similar screens after you have made a decision to either keep Internet Explorer or install an alternative browser. If you are online and a site offers alternates long after you selected one from the official list, play it safe by closing the browser.
In addition, since Rogue anti-Virus applications are becoming more and more popular with criminals, legitimate anti-Virus vendors are adding more defenses to detect and remove them, so another layer of protection is to remember to keep said software updated.
