A safer way to conduct online transactions and a new exploit blocker are the keystones to Kaspersky Lab's 2013 security suites, the company announced today.
The major new feature that's in both Kaspersky Internet Security 2013 (download exclusively from Download.com today) and Kaspersky Anti-Virus 2013 (download) is the exploit blocking engine called Automatic Exploit Prevention. It's a response to the increase in the number of phishing attacks and includes an anti-phishing engine -- similar to the antivirus and anti-malware engines -- that updates daily.
Roel Schouwenberg, a senior antivirus researcher at Kaspersky and founding member of the Anti-Malware Testing Standards Organization, told CNET at a reviewer's conference earlier in the year that "online banking Trojans are huge profits for bad guys." Protecting yourself from them is best done with Kaspersky's new engine, he argued.
News reports of recent successful banking breaches can score anywhere from $3 million to more than $220 million, Schouwenberg noted, saying that U.S. banks generally have much lower standards of security than their European counterparts.
Kaspersky has found its Automatic Exploit Prevention to be highly effective against phishing attacks, Kaspersky antimalware research director Oleg Ishanov said at the same conference. He noted that the Automatic Exploit Prevention blocked the BlackHole exploit pack 100 percent of the time. That kit drives 95 percent of the phishing exploits, he said.
A major component of the exploit prevention engine is Address Space Layout Randomization, or ASLR. It's a proven security technology, used in Apple OS X and iOS, in Google's Android, and by Microsoft in Windows 8. It's not foolproof, but it is one of the more effective security technologies currently available. The inclusion of ASLR in Kaspersky means that the technology will be available to Windows 7 and earlier versions, making Kaspersky unique in the security realm for that reason.
Also on the threat-blocking front, Kaspersky now blocks Duqu and other malware specifically designed to surreptitiously install on your computer before the antivirus program loads during boot.
Safe Money revamps the Safe Run feature from previous years and is only in Kaspersky Internet Security 2013. It basically streamlines the process of accessing banking sites securely. Simply go to your banking site, and as long as you have Kaspersky's browser add-ons installed, it will ask you if you want to open the site in a sandboxed mode, isolated from other browser and PC processes. You can also manually add other sites to Safe Money in Kaspersky's interface, but it's no longer a requirement because of Safe Money's new auto-detection.
Both Kaspersky 2013 versions have undergone a rash of useful but minor improvements. The secure keyboard for protecting personal data when entered by a physical keyboard works with more sites than before; the installer will remove conflicting programs and malware automatically; there is expanded browser compatibility; and better battery management is in place for laptops.
Full reviews of both suites will be available later today, but for now we can say that CNET Labs found Kaspersky's suites to slow down our test computer's boot cycle the most of the few suites tested so far. On the other hand, they also have had the least-noticeable impact so far on shutdown times. Benchmarked scan times were unimpressive but not terrible -- our general assessment of Kaspersky's scan speeds. On the positive side, navigating the tweaked interface was fast, with windows instantly opening and no drawn-out animations slowing you down.