Skip to main content

There have been several recent reports of fake updaters that spoof Google Chrome, Mozilla Firefox, and Internet Explorer landing pages. When the user clicks on the upgrade option, a JavaScript file is downloaded and executes malware. You have several options to block or change the default behavior to better protect workstations.

Block JavaScript at the email gateway

First and foremost, block .js and .jse file types at the email gateway. There is no logical reason to be receiving or sending JavaScript files to the average user. Review all the file types you block on a regular basis and allow only those file types you want to receive. You should also regularly review the files you allow through firewalls, email, file transfers and any other means. Clearly communicate to your users what file types are and are not allowed. For web-based portals, you can easily do this by documenting what is and is not allowed on the site.

Reassociate untrusted file types with another file type

Original article source was posted here