Windows 8 to feature native SmartScreen file checking

As Microsoft anticipates a richer “apps” ecosystem for Windows 8, they appear to be taking some extra steps to shield users from malicious applications with the introduction of an in-built file verification policy powered by the SmartScreen Filter.

Originally a feature from Internet Explorer but now also (annoyingly) integrated in Windows Live Messenger 2011, SmartScreen is practically a dynamic list of known “illegal, viral, fraudulent, or malicious” URLs that Microsoft manually or algorithmally identifies. It uses this list to compare the link or executes a user visits or downloads, warning if there’s a match.

Although it’s been proven highly effective to prevent socially engineered malware, it’s also subject to false positives which frustrates developers to “clear their name”.

In Windows 8, SmartScreen appears to serve two purposes – to reactively check the file system and proactively prevent any downloaded applications from running that are unknown to the filter. Unfortunately I haven’t been able to trigger it so I don’t know exactly how it responds but I presume not unlike a security warning. Having said that, it’s comforting to know the feature can also be disabled for the brave.

This addition mechanism adds to a growing list of security-centric features and tools including but not limited to digital signing, User Account Control, Windows Defender and Security Essentials that Microsoft is building into Windows or making available for free. A win for users of course.

Update: To clarify, the “never run programs” options is not on by default.

74 insightful thoughts

  1. That feature (presumely of course) will be activated by default only if you have UAC on high or if you are on work pc.

    I thought it to be a great addition.

  2. That would be much better, because think about it — applications would develop a reputation much faster.

    Instead of Internet Explorer users only contributing to the reputation of files, it will be anyone who uses Windows 8 regardless of browser.

    The IE Team has made a post about the development of reputation for applications, and that it is recommended you sign your applications as it doesn’t make IE9 display such a “scary” warning when it has no reputation yet compared to unsigned applications. See: http://blogs.msdn.com/b/ie/archive/2011/03/22/smartscreen-174-application-reputation-building-reputation.aspx

    1. Come on,get real, the first time the user can’t play fishing for kitterns they will turn all that crap off…

  3. One small gripe. Why has Microsoft put this under ‘Folder options’ .It doesn’t make any sense.

  4. Is the ‘Never run downloaded programs that are unknown to SmartScreen’ option enabled by default? Sounds like a recipe for disaster if so.

  5. Services integration into a product is nice but what happens when the online service ceases to exist or discontinued for older versions?

    1. It won’t for a long time… No reason why it would, as Microsoft would be unlikely to remove it from newer versions of Windows, but if they did, Microsoft would continue the service until the end-of-support for Windows 8.

      Well, unless Microsoft just plain disappears ;-)

      1. Microsoft won’t disappear but there’s no guarantee a service won’t (not talking about SmartScreen in particular). MS have in the past built many products and services and discontinued them because they didn’t “click”.

      2. @someone

        True, though if such a service is built into such a widely used product, Microsoft won’t just cut it off before the Windows 8 lifecycle is up…

        Not only that, Microsoft’s SmartScreen service has been around for awhile, the addition of application reputation is an addition to the existing service.

    2. They UI is actually very nice, native looking and has great keyboard accessibility compared to the newer task flow style which reflows content. It’s just too cramped up because the minimum resolution they support is probably still 800 x 600 for netbooks. They need to raise the minimum resolution and scale the dialog to get rid of scroll bars.

      1. That would at least be something! Every time one of those pops up in win7 it is such a stark and crappy contrast to the rest of the OS. It is like they forget they are even there and keeps the os from having a wholly integrated feel.

  6. It seems you do have Windows 8, Long. Could you tell us what the option is under “When typing into list view”?

    You seem to know more than we do ;)

    1. It’s the same option that exists in Windows 7… search or jump-to in name in list.

      1. Thx. I looked it up before posting but didn’t found it because its at the top of that list in my language :o)

  7. This is awesome news, and I would love it if it’s something that can be controlled through Group Policy on domains. Take a standard image of things and then lock things down.

    1. Except for the fact that you can run the applications even if they are unknown… Sure, the option to “never run” them is there, but as Zheng has said, it is not enabled by default, and even if it does become enabled by default it will still be able to be turned off.

      1. Sure, the option is there for the user.
        But the technology is still baked into the Operating System, and I’m sure it is still enabled on a lower level.

        There is nothing to say that Microsoft can’t have a blacklist of applications that it will refuse to let run, despite what the user demands.
        It will probably start at blocking “keygens” and “Genuine windows” cracks, in order to “help protect the user”, or to “protect the intellectual property of developers”.
        But from there it is always a slippery slope, as with any form of “censorship”

    2. Bring out your tin foil hat buddy. Every new feature can be twisted into some sort of a conspiracy theory. Oooooh Microsoft is going to own your soul with [insert new feature name here] ooooooh.Play that game if you must, but if you want to have a meaningful input, it might be a good idea to take an objective look at this feature.

      This feature is already present in internet explorer – and it works well. This looks like a very nice feature for my school (I worked in a large University in Brazil in IT and support) and for my family – and for most of the people that I know. 99% of these folks do not have the faintest idea if the programs they download (or are tricked into downloading) are good or bad. I hope Windows gives admins the tools to set the do not run option by default (if not, I will manually set that option for all the computers that I maintain). I used to remove rogue av software almost every day from faculty and staff laptops – I have to format the machines in most cases.

  8. Pingback: | Barner.dk
  9. As long as there is an option to shut off SmartScreen Filters – there should be no issues. The paranoid as well as the more advanced user will be able to turn off the feature thus no issues.

    More important though, an option to set SmartScreen on as well as “Do not run” via Group Policy would be welcomed. An “run as admin” override on the user machines would also be very helpful thus an Admin could right mouse click and file and run it even if it is black listed by mistake.

Comments are closed.