Microsoft is banning the adware method that caused Lenovo’s Superfish scandal

22.12.2015
The type of dangerous adware that Lenovo pre-loaded on PCs earlier this year will soon be banned entirely from Windows devices.

In a post on its TechNet blog (via Engadget), Microsoft said it will no longer allow ad injection software that uses “man-in-the-middle” techniques, such as injection by proxy, changing DNS settings, and network layer manipulation. Microsoft will begin enforcing the rules on March 31, 2016.

Once the policy goes into effect, adware will only be allowed through browsers’ official extensibility methods. In other words, if you want to see adware in Chrome for some reason, you’ll have to go to the Chrome Web Store and install it yourself. You’d then be able to uninstall the adware just as easily through Chrome’s extensions menu.

As we saw with Lenovo’s Superfish scandal, “man-in-the-middle” adware isn’t just intrusive, it can also pose a security risk by replacing the certificates websites use to keep your data safe. In the case of Superfish, the software generated its own root certificate so it could intercept traffic from secure sites and overlay its own ads on the page. If hackers were to gain access to this certificate, they’d be able to spoof secure websites and steal sensitive data.

Although Microsoft and other anti-malware vendors shut down Superfish months ago (and Lenovo vowed to stop shipping PCs with third-party bloatware entirely), the new policy tackles the underlying issue by reclassifying the criteria for adware. “The choice and control belong to the users, and we are determined to protect that,” Microsoft said.

The story behind the story: It’s hard to imagine many people being bothered by the new policy, which raises the question of why Microsoft took so long to implement it. Just to speculate, perhaps Microsoft was reluctant to outlaw behavior that could have some legitimate use cases, but has changed its mind as clear instances of abuse have arisen. And with all major browsers moving away from unrestricted plugins and toward signed extensions, it’s getting easier for users to control what’s being installed directly in their browsers.

(www.pcworld.com)

Jared Newman