Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Sykje yn Support

Mij stipescams. Wy sille jo nea freegje in telefoannûmer te beljen, der in sms nei ta te stjoeren of persoanlike gegevens te dielen. Meld fertochte aktiviteit mei de opsje ‘Misbrûk melde’.

Learn More

Dizze konversaasje is argivearre. Stel in nije fraach as jo help nedich hawwe.

google safe browsing: meaning of "malicious software being downloaded and installed without user consent"

  • 5 antwurd
  • 3 hawwe dit probleem
  • 1 werjefte
  • Lêste antwurd fan TheOldFox

Ipoetia
Ipoetia
more options

As an example, see http://www.google.com/safebrowsing/diagnostic?site=google.com What does this phrase mean? Is it a browse-and-get-owned exploit? Is it for outdated browsers, or modern browsers too? Does it require specific vulnerable plugins to be active, such as Java?

As an example, see http://www.google.com/safebrowsing/diagnostic?site=google.com What does this phrase mean? Is it a browse-and-get-owned exploit? Is it for outdated browsers, or modern browsers too? Does it require specific vulnerable plugins to be active, such as Java?

Alle antwurden (5)

TheOldFox
TheOldFox
more options

Read the following about "drive-by downloads". Item 2 at the top of the page. User does not need to click on something on the infected page for a download to occur. Simply visiting the page is enough for the download to occur.

You can also read this (3rd paragraph under "Delivery Methods").

Bewurke troch TheOldFox op

Ipoetia
Ipoetia Fraacheigener
more options

So in this case, the malware is downloaded, but not run?

TheOldFox
TheOldFox
more options

Most malware using the drive-by download method is downloaded and automatically installed or the user is fooled with some pop-up to "update" something which they may already have installed or believe that they need to install. Read the last paragraph (above "References") in - https://en.wikipedia.org/wiki/Drive-by_installation

  • A drive-by install (or installation) is a similar event. It refers to installation rather than download (though sometimes the two terms are used interchangeably).

Bewurke troch TheOldFox op

Ipoetia
Ipoetia Fraacheigener
more options

Then in this case, how worried should I be about the safebrowsing numbers for "malicious software being downloaded and installed without user consent", if I am using an up-to-date Firefox with javascript enabled? What if I have flash enabled?

TheOldFox
TheOldFox
more options

Bottom line: The warning is just that - a warning.

  • If a user proceeds to a suspicious site or a site known to be malicious, it is the user's decision and responsibility.
  • The browser used and/or browser settings may or may not protect you if it is a new (zero-day) attack vector. That is the reason for frequent updates.
  • If a user proceeds and is infected with a virus, the user needs to refer to the following for assistance -

The information on the page http://www.google.com/safebrowsing/diagnostic?site=www.google.com seems a bit garbled and contradictory as it starts by saying "Of the 37966 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent" then below that listed sites that may contain malicious downloads. You will need to contact Google about that seeming discrepancy as Mozilla is not involved in visiting or analyzing those pages

I gave you the definition that you requested in your original question. If your aim is to investigate Google's methodology or reporting, then contact Google.