I have Voodoo Shield, Hard Configurator, and an AV.
Somehow, while working, an excel file automatically downloaded to my computer without my permission.
Is there a setting in Voodoo Shield or Hard Configurator to stop this from happening again?
Any insight appreciated!
The problem of drive-by download without permission is usually related to HTML Smuggling. If you open a compromised or specially crafted web page (also specially crafted HTML attachment), then the embedded JavaScript can automatically do some things without your permission:
- Download a payload from a malicious URL to your disk.
- Drop a payload already embedded in the HTML attachment.
This can be prevented by blocking scripts in the web browser, but such a setting will also break many web pages.
Look for example here:
HTML smuggling, a highly evasive malware delivery technique that leverages legitimate HTML5 and JavaScript features, is increasingly used in email campaigns that deploy banking malware, remote access Trojans (RATs), and other payloads related to targeted attacks.
www.microsoft.com
The attacker still cannot automatically execute the payload. In theory, the payload can be downloaded and executed without your permission, but this would require exploiting the web browser. Such exploits are quickly patched, so you probably will never see any of them.
Post edited.
I am not sure if the setting "Ask where to save..." can effectively solve the problem. The file can be probably saved without this alert to the default location.
