Microsoft’s IE9 security team released some interesting data culled from all of SmartScreen’s app reputation queries. According to the team, 1 in 14 programs that are downloaded are later determined to be malware, and in most cases, the malicious software was installed as a result of good old-fashioned social engineering.
When a piece of malware is new, it’s unsigned and has no reputation, so when an IE9 user attempts to download it, SmartScreen Filter will give an “Unknown Program” warning. More than 50% of programs lacking a reputation are new to the Web on a given day. The team says clicking through this warning carries a 25%-70% risk of malware infection. Programs and publishers that have already built reputation do not show a warning.
The team said today that 95% of the time, IE9 users will choose to delete or not install a piece of malware because of this warning.
Going forward, they project it will help block 20 million attempted infections per month, while yielding only 2 warnings per year for the average user.
[Source: IE team blog]