Using an adblocker solves that. Not sure how that is specific to Win 7. Hacked websites? Name an example, source it. Difficulty: not from a movie with a skull and crossbones laughing on my screen.
None of these hacker fantasies happen in real life.
You do have a big hosts file and manage your router, yes?
Give me a link to a “hacked website” (F! U! D! Oh my!) right now that I can click on and will install malware on my Windows 7 PC.
Adversaries may gain access to a system through a user visiting a website over the normal course of browsing. Multiple ways of delivering exploit code to a browser exist (i.e., Drive-by Target), including:
A legitimate website is compromised, allowing adversaries to inject malicious code
Script files served to a legitimate website from a publicly writeable cloud storage bucket are modified by an adversary
Malicious ads are paid for and served through legitimate ad providers (i.e., Malvertising)
Built-in web application interfaces that allow user-controllable content are leveraged for the insertion of malicious scripts or iFrames (e.g., cross-site scripting)
Browser push notifications may also be abused by adversaries and leveraged for malicious code injection via User Execution. By clicking “allow” on browser push notifications, users may be granting a website permission to run JavaScript code on their browser.
It’s not Hollywood fantasy, as you claim. It is a well documented attack vector.
Using an adblocker solves that. Not sure how that is specific to Win 7. Hacked websites? Name an example, source it. Difficulty: not from a movie with a skull and crossbones laughing on my screen. None of these hacker fantasies happen in real life. You do have a big hosts file and manage your router, yes? Give me a link to a “hacked website” (F! U! D! Oh my!) right now that I can click on and will install malware on my Windows 7 PC.
Simply untrue. Hollywood fantasies.
It’s called a Drive-by Compromise:
A legitimate website is compromised, allowing adversaries to inject malicious code
Script files served to a legitimate website from a publicly writeable cloud storage bucket are modified by an adversary
Malicious ads are paid for and served through legitimate ad providers (i.e., Malvertising)
Built-in web application interfaces that allow user-controllable content are leveraged for the insertion of malicious scripts or iFrames (e.g., cross-site scripting)
It’s not Hollywood fantasy, as you claim. It is a well documented attack vector.