Malware Protection in Internet Explorer 10 Metro

    General discussion

  • Hello,

    Is there any malware protection in Metro version of Internet Explorer 10?

    I was that dumb to open a site with lyrics from Google results and opening it resulted in a popped up window with a rogue anti-virus. I closed the opened window but am still panicky if this could injected some code into my system.

    I am using a 64-bit OS and hope that there are still not so many 64-bit rootkits in the wild but... Heck! I've forgotten that I am using IE now and not Google Chrome (where I have NoScripts installed). In fact, I wouldn't have bothered using Chrome if there were options to get rid of banners and cross-site scripting. That are the only features I favor in Chrome compared to IE. In the internet of today that's simply impossible to browse pages without having all the malicious scripting cut off. 

    I have UAC enabled and as far as I know all Metro apps are running unelevated, therefore, even if there were some malware, it couldn't harm the system, correct?

    I would love to see any comment.

    Thank you.

    Well this is the world we live in And these are the hands we're given...

    Wednesday, November 2, 2011 12:11 PM

All replies

  • Microsoft’s Defender is preinstalled. Evidently the name is back in favour and replaces the current Microsoft Security Essentials.


    I don’t know for certain but I would assume it handles real-time protection in 'Metro' mode in the same way as 'Desktop' mode.

    Wednesday, November 2, 2011 6:54 PM
  • Thanks,

    Yeah I hope like Defender is doing permanent protection as well, because you have an option to enable it in its parameters, (and that's great that it doesn't bother you with any icons in the notification area; personally I don't feel good with software trying to add as many icons into the notification area as possible, so good solution, Microsoft!)

    Still, what I wanted to ask is how would it possible to inject a code into any process from a Metro app? I thought any Metro app runs in an isolated sandbox thus rendering it impossible to hide behind other process and execute a code with high privileges. Or am I wrong in my assumptions?\

    Thank you.

    Well this is the world we live in And these are the hands we're given...
    Friday, November 4, 2011 11:16 AM
  • The Microsoft's Defender is preinstalled. conspicuously the name is in excess off in favour and reinstates the present Microsoft Security Essentials. I do not be familiar with for certain other than I might collect it handles certifiable-time assurance in Metro mode in the similar course as Desktop mode. For addition information.
    Saturday, December 10, 2011 8:29 AM
  • I seriously doubt the webpage managed to inject real code onto the system. Simply getting a pop-up doesn't necessarily imply that was the case (there are known exceptions to IE's popup blocker that were kept for compatibility reasons and many pages therefore work around it). Metro IE still runs under a heavy sandbox that restricts access to the system beyond even what a limited user can do. Also, as pointed out, Windows Defender (anti-spyware) and Microsoft Security Essentials (anti-virus) have both been integrated directly into Windows 8 and are now classed as just Windows Defender, which would most likely have flagged a virus attack.

    For the most part those pop-up fake Anti-Virus tools are just an effort to scare users into downloading a tool that will supposedly "fix" the problem. That tool is usually the real virus and usually ends up tricking users into paying to remove it.

    Saturday, December 10, 2011 9:02 PM