beta question



acr
05-27-2008, 11:59 PM
I saw this in the new beta post above:

"Advanced heuristic phishing and exploit detection mechanisms"

Could someone explain to me what the "exploit detection" is and how it protects? Is this like a real time scan of the web page?

AChen
05-28-2008, 06:02 AM
Hi Acr,

Protection from exploits
ThreatExpert defines exploit sites as those sites which host a piece of code that takes advantage of an existing software vulnerability, which in turn can silently download malicious software.

The Browser Defender toolbar offers protection from exploit sites by detecting them in real-time and displaying warnings depending on the threat posed.

Exploit Detections
When the Browser Defender toolbar is checking a site in real time, you might receive a popup warning informing you of an exploit attack based on the 3 most common types of attacks:

MDAC Exploit
Microsoft Data Access Components (MDAC) 2.8 contains core Data Access components such as the Microsoft SQL Server™ OLE DB provider and ODBC driver.

Depending on the version of Windows and Internet Explorer that you are using you may notice that you are prompted to install this component prior to the attack.

Heap Spray Attack
A Heap Spray Attack works by filling the computer's memory with a dangerous program that can then be triggered to be run. One trigger method is to execute an exploit. Usually the Heap Spray Attack is executed before an exploit attack. It is very important to stop the web page from downloading before it finishes and completes the attack by executing an exploit which will hand over to the dangerous program loaded into memory by the Heap Spray Attack.

Such programs download unknown files on to your PC, steal information, and execute Spyware, Adware & Key Loggers.

SetSlice Exploit
An integer overflow vulnerability in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via parsing a specially crafted argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to execution of a dangerous program in memory.

How to prevent an exploit attack?
When you receive a Browser Defender exploit popup, there are two option buttons, "Block" and "Allow". To prevent the exploit attack, click on the "Block" button; it will then block every exploit of this type from running.

If the "Allow" button is pressed, it will then allow the detected exploit to run and detect the next exploit attack which may attempt to run. It is common for a malicious site to host many types of exploits.

Learn how to protect yourself from exploits
In the Browser Defender popup, along with the "Allow" and "Block" buttons is a link titled "Learn how to protect yourself". When clicked, this link will open a Browser Defender help page which will give you a brief description of the attack/exploit and advice on how to protect yourself from it in the future. The page will also display the page location and exploit origin (when available) on a map.

acr
05-29-2008, 01:08 AM
thanks for the info

acr
05-29-2008, 03:03 PM
Would it be a safe assumption that the beta is geared more toward XP and/or IE6 as opposed to IE7 in Vista?

AChen
06-17-2008, 04:22 AM
Would it be a safe assumption that the beta is geared more toward XP and/or IE6 as opposed to IE7 in Vista?

They both should be equally compatible and have the same protection.