A drive-by download is an unintended download of malicious software onto a computer or a mobile device. It can be authorized, with the person not being aware of what they are downloading, or unauthorized when it happens without the victim’s knowledge (e.g., upon visiting a website).
Since malicious actors use outdated systems and browsers with vulnerabilities to push drive-by downloads, keeping the system up-to-date helps prevent this attack.