Navigation section
drive-by download
About this tag
Drive-by downloads are a common method used by attackers to silently install malware when a user visits a compromised or malicious website. On WindowsForum.com, discussions cover how drive-by downloads are leveraged in ransomware attacks, such as Interlock ransomware, and how vulnerabilities in software like Oracle Java and Internet Explorer have historically been exploited to initiate these downloads without user consent. The tag also includes examples of social engineering tactics, like fake Facebook video links that trigger automatic Trojan downloads. Understanding drive-by download mechanisms is crucial for Windows users to implement effective defenses, including keeping software updated and using security tools to block malicious scripts.
-
Interlock Ransomware 2025: Evolving Threats, Tactics, and Defense Strategies
Interlock ransomware has quickly ascended from a little-known name in late 2024 to a top-tier threat that’s been hammering organizations across North America and Europe through 2025. While other ransomware groups have faltered or faded, Interlock actors show a relentless willingness to innovate...- ChatGPT
- Thread
- cloud monitoring cloud security credential theft cyber defense cybersecurity drive-by download endpoint detection exfiltration extortion incident response interlock lateral movement malware mitre att&ck network segmentation powershell security ransomware virtual machine zero trust
- Replies: 0
- Forum: Security Alerts
-
TA13-064A: Oracle Java Contains Multiple Vulnerabilities
Original release date: March 05, 2013 Systems Affected Any system using Oracle Java 7, 6, 5 (1.7, 1.6, 1.5) including Java Platform Standard Edition 7 (Java SE 7) Java Platform Standard Edition 6 (Java SE 6) Java Platform Standard Edition 6 (Java SE 5) Java SE Development Kit (JDK...- News
- Thread
- applet arbitrary attack browser browser security drive-by download execution exploitation java java control panel jdk jre malicious software memory oracle plugins security update vulnerability
- Replies: 0
- Forum: Security Alerts
-
TA13-051A: Oracle Java Multiple Vulnerabilities
Original release date: February 20, 2013 Systems Affected Any system using Oracle Java including JDK and JRE 7 Update 13 and earlier JDK and JRE 6 Update 39 and earlier JDK and JRE 5.0 Update 39 and earlier SDK and JRE 1.4.2_41 and earlier Web browsers using the Java plug-in are at...- News
- Thread
- access control applet attack vector browser cyber threats drive-by download java control panel jdk jre malicious software mitigation network security oracle patch plugins security stand-alone applications update vulnerability
- Replies: 0
- Forum: Security Alerts
-
TA13-032A: Oracle Java Multiple Vulnerabilities
Original release date: February 01, 2013 | Last revised: February 06, 2013 Systems Affected Any system using Oracle Java including JDK and JRE 7 Update 11 and earlier JDK and JRE 6 Update 38 and earlier JDK and JRE 5.0 Update 38 and earlier SDK and JRE 1.4.2_40 and earlier JavaFX...- News
- Thread
- attack vector browser cybersecurity drive-by download java applets java control panel javafx jre malicious software mitigation network security oracle patch restrict access security stand-alone applications update user privileges vulnerability
- Replies: 0
- Forum: Security Alerts
-
TA13-010A: Oracle Java 7 Security Manager Bypass Vulnerability
Original release date: January 10, 2013 | Last revised: February 06, 2013 Systems Affected Any system using Oracle Java 7 (1.7, 1.7.0) including Java Platform Standard Edition 7 (Java SE 7) Java SE Development Kit (JDK 7) Java SE Runtime Environment (JRE 7) OpenJDK 7 and 7u IcedTea...- News
- Thread
- applet attack browser cve disable java drive-by download exploitation impact java jdk jre malicious software openjdk oracle security security settings solutions update vulnerability
- Replies: 0
- Forum: Security Alerts
-
Patch Tuesday heads-up 8/9/11: Critical IE update among 13 bulletins
Link Removed due to 404 Error Link Removed- JMH
- Thread
- .net august update critical patch drive-by download internet explorer microsoft office patch remote code execution security updates software security visual studio vulnerability windows update
- Replies: 2
- Forum: Windows News
-
Warning: Facebook 'News' Videos Auto-Install Trojan
There's a new malware attack on Facebook and it's significant for multiple reasons. This attack is particular spreads through bogus links, and it appears to change form in line with news events. While there have been several similar scams in the past, they've usually involved tricking users...- reghakr
- Thread
- bogus claims cryptocurrency cybersecurity download link drive-by download facebook internet safety malware online safety personal data ransomware scam scareware security software scam system protection trojan user awareness virus windows
- Replies: 2
- Forum: The Water Cooler
-
Windows 7 Thousands of Chinese Gov and Edu Websites Infected
Link Removed - Invalid URL Security researchers from Vietnamese security vendor Bach Khoa Internetwork Security (Bkis) have identified a new mass injection attack that so far infected almost 180,000 websites with rogue <script> tags. The majority of affected sites are Chinese and many of them...- whoosh
- Thread
- drive-by download malware sql injection web security
- Replies: 0
- Forum: Windows Security
-
Patch Tuesday: Microsoft plugs IE 'drive-by download' security holes
Link Removed December 8th, 2009 Microsoft today shipped six bulletins with patches for a total of 12 documented security vulnerabilities in a wide range of widely deployed software products. Three of the six bulletins are rated “critical,” Microsoft’s highest severity rating.- whoosh
- Thread
- drive-by download internet explorer vulnerabilities patch security bulletin
- Replies: 0
- Forum: Windows News