Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>Microsoft moves to mitigate man-in-the-middle malvertising

Microsoft moves to mitigate man-in-the-middle malvertising


Microsoft has announced that with effect from March 31, 2016, it will enforce new adware objective criteria in an attempt to mitigate the evolving malicious advertising threat landscape. The moves by Microsoft will be looking to address the particular problem of ad injection software whereby automated advertising networks are tricked by threat actors into delivering ads complete with embedded malware. Ad injection software has evolved, and is now using a variety of ‘man-in-the-middle' (MiTM) techniques. Some of these techniques include injection by proxy, changing DNS settings, network layer manipulation and other methods. All of these techniques intercept communications between the Internet and the PC to inject advertisements and promotions into webpages from outside, without the control of the browser. Barak Shein and Michael Johnson from the Microsoft Malware Protection Center in a Threat Research & Response indicated that their intent is to keep the user in control of their browsing experience.
 
Source:
SC Magazine
 
ZDNet
 
Team Cymru
 
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis