Firefox prevents drive-by downloads from malicious websites
Drive-by downloads are a number of attacks that some malicious websites prefer to use. They automatically download executable files and then trick users to execute them.
The so-called drive-by download mainly refers to the use of technologies such as nested frames to download files through the legal functions of the browser, but this does not require user confirmation.
After the file is downloaded in an instant, the attacker can induce the user to execute it with a copy on the web page, so this also poses a security risk for some non-professional users.
The Firefox browser engineering team naturally noticed illegal operations such as drive-by downloads, so the Firefox browser has also begun to block in the latest beta version.
Of course, this feature shields the technology that uses nested frame downloads. Subsequent Firefox versions will not support this technology and therefore cannot be used again.
Google started blocking drive-by downloads last year and blocked the technology in the stable version in May this year, so attackers cannot use Google Chrome.
Blocking this technology in major browsers may not cause similar attacks to occur frequently.