Microsoft Research Builds 'BrowserShield'

SteelyBen writes "Researchers at Microsoft have completed work on a prototype framework called BrowserShield that promises to intercept and remove, on the fly, malicious code hidden on Web pages, instead showing users safe equivalents of those pages. The BrowserShield project, an outgrowth of the company's 'Shield' initiative, could one day even become Microsoft's answer to zero-day browser exploits such as the WMF (Windows Metafile) attack that spread like wildfire in December 2005."

It already exists, and it's called the Proxomitron

[Traf-O-Data-Hater]

Sounds like M$ has just "invented" a limited-functionality locked-in version of the marvellous Proxomitron. An application I truly wouldn't be without. Scrubs HTML nasties right out of the box, and also allows you to see a web page the way you want to see it. It runs with any browser, not just Internet Exploiter. And it's the right price, too.

Already in anti-virus software

[cibyr]

This sort of thing is already in anti-virus software. I use Avast! (free edition) and it has a "Web Shield" module (sounds a look like "Browser Shield", doesn't it?) that transparently proxies web traffic. When it finds anything nasty it pops up dialog box asking you if you want to download/access it anyway or "abort connection".

While this is all well and fine, would it be too much for Microsoft to just patch their bugs?

Re:Strangling metaphors

[troon]

It's a Reliant Robin, dammit. The model is a Robin, made by Reliant.

Re:zero-day browser exploits

[kripkenstein]

Perhaps you joke, but it really isn't that clear whether this will work or not. TFA says

The research group tested BrowserShield against eight IE patches released in 2005 and found that BrowserShield--when used in tandem with standard anti-virus and HTTP filtering--would have provided the same protection as the software patches in every case

There were far more than 8 patches in 2005. How were these 8 selected? Were they of a specific type? Without such details, it's hard to form an opinion about this 'BrowserShield' thingie. For all we know, they selected the most convenient 8 to prove their point.

Re:Just what we need

[rjstanford]

AdMuncher (the single best Windows ad-blocking program, for whatever browser, bar none (IMnsHO)) already provides this functionality out of the box. Any 'sploits are easily blocked, once they're identified, as are damn near all the ads. As a bonus, when people are doing things like not properly recognizing IE7's flash handling (and I'm looking at you, SWFObject), you can easily rewrite the fairly recognizable line of code in a standard library as it comes down the pipe and fix a whole ton of "broken" webpages.

"Correct"? Probably not. Convenient? Absolutely.

AM is one of the very few modern shareware programs I not only paid for, but paid early and promote often. And no, I'm not involved, just an incredibly happy customer (and boy do the Mac blockers have a long way to go in comparison).