A blog about generally interesting infosec stuff by Darren Fuller/Paul Marsh, SecQuest Information Security https://www.secquest.co.uk

Friday, 9 December 2011

SmartScreen Filter Going Too Far?

Chatting to a friend earlier who had noticed requests for files on his server coming from unknown IP addresses.  Nothing weird about that, happens all the time...

BUT the files being requested had UNIQUE filenames known only to person-X and person-Y!

Looking in to this the issue is caused by IE9's SmartScreen protection. Files you download with IE are subsequently downloaded by a 3rd party, presumably for analysis. This could cause a serious breach of privacy and is DEFAULT behaviour.