Welcome to the Computer Security Wiki! You can help us by expanding stubs, create new articles and improve current articles.
You can also help us by logging-in or creating an account!

Web Browser

From Malware Wiki

(Redirected from Browser)

Jump to: navigation, search

Nomalware.png This page is not malware, despite having an article on the Wiki.

MultipleIssues.png This page has multiple issues. These issues most likely include issues with references and manual of style violations. Please help Malware Wiki by correcting these issues.

A web browser is a software application which enables a user to display and interact with text, images, videos, music, games and other information typically located on an Internet website.

From a security perspective, there are two potential problems to need to defend against, while still allowing the user to access useful information, any web browser can be used to (unintentionally) install malware.

Some fraudulent web sites trick the user into downloading and installing a trojan, a keylogger<ref name=":0">"Are the Browser Wars Back? How Mozilla's Firefox trumps Internet Explorer." by Paul Boutin 2004 </ref>, or other malware, and some web sites exploit a vulnerability in some web browsers, directly downloading and installing malware without the user doing anything.

A web browser can also gain private information over the user.

Internet Explorer

Internet Explorer has had so many vulnerabilities that Bruce Schneier, David A. Wheeler, and other security experts recommend switching to a different web browser<ref>"Time to Dump Internet Explorer" by Scott Granneman, 2004 </ref><ref>"Safe Personal Computing" by Bruce Schneier, 2004 </ref><ref>"Securing Microsoft Windows (for Home and Small Business Users)" by David A. Wheeler, 2008 </ref>.

Mozilla Firefox and Google Chrome

Mozilla Firefox/Google Chrome users are starting to get targeted by malware writers because of an increasing market share.<ref name="BC">FireFox Users Targeted By Rare Piece Of Malware. BleepingComputer.com</ref> The malware, which BitDefender dubbed "Trojan.PWS.ChromeInject.A" sits in your add-ons folder which runs when it is started. The malware uses JavaScript to identify more than 100 financial and money transfer Web sites, including Barclays, Wachovia, Bank of America, and PayPal along with two dozen or so Italian and Spanish banks. When it recognizes a Web site, it will collect logins and passwords, forwarding that information to a server in Russia.<ref name="BC" /> When it runs on a PC, it registers itself in the system files as "Greasemonkey," a well-known collection of scripts that add extra functionality to Web pages rendered by Firefox.<ref name="BC" />


Most browsers provide a "sandbox" to allow a program to run without access to the rest of the computer. Included in most browsers is a sandbox for Java applets and another sandbox for JavaScript applets. Many users also choose to download the Adobe Flash plugin that includes a sandbox for Adobe Flash animations, and the Microsoft Silverlight plugin that includes a sandbox for Silverlight applications.


<references />

External links

<references />